Configuration Management in puppet

Configuration Management in puppet

Will see How Configuration management puppet works in this post.

Let us take a example to create user in complex environment with different Linux distribution. To create a user we have small different in command when we go with different distribution like Red Hat, Ubuntu, CentOS,etc.

We have two method to create user without puppet help.

  1. We can directly login to the servers and will create user when the number of server is less. But, in when the server number hits more 100, its very difficult to create user manually in all user.
  2. We can create script to manage user in all servers. But, for that we should have knowledge about scripting and command different and flags(-u, -U) for each distribution. Once the script created, we need a common server which has access to all the other Linux servers.

But, using puppet we can do any type of user/group management, Package installation, service start/stop/restart, etc. By using puppet built-in resources to achieve the same operation on different distribution without worry about the underlying Operating System and commands.

By using simple code will do the necessary configuration management like
user/group management, Package installation, service start/stop/restart,etc.

Example: To create user will write below code to perform the task over all the Linux machines.

# cat user.pp
user { "lbcuser1" :
ensure => "present",
}

Same like above if you want to delete a user/ install package, etc. Solution is wring simple, robust, idempotent, extendable puppet code to the necessary configuration over remote servers.

same like that will see the code to install ntp package, which is used for network time and starting service.

# cat ntp.pp
package { "ntp":
ensure => "present",
}

service { "ntpd":
ensure => "running",
}

Like this will manage environment using puppet code. In other work managing environment using code will call as Iac(Infrastructure-as-Code).
This code will be applied over all the client machines to do the operation and will reduce the manual effort and time.

And its very essay to change the code for any modification on configuration management over all client machines.

Idempotency:
Puppet codes are idempotent by nature. Which means the results of the code remains same irrespective of the number of time we perform puppet run on nodes.puppet always ensure to keep the resources in desired state.
For example in user creation, it will check whether the user is already exist.
If the user already exist, will not perform the user creation and report us that the user already exist. Basically these checks are already in place of the puppet resources.
And if you have lines of codes to perform a action on remote machines, in such case, if any of your action already exist in any server, puppet simply will skip that action and proceed for further configuration.

These all are the good points to why we are using puppet in our environment for configuration management.

Thanks for your support and reading this post. Will post next lecture about puppet in next post.

Refernce: Puppet Docs

How to patch linux servers using ansible

How to patch linux servers using ansible

Ansible is opensource automation tool and will see how to patch linux servers using ansible in this post.

We are going to use RedHat Linux 7.3 Operating System in this practical.

Requirements:
1. Linux Host Installed with Ansible and Yum repository configured with httpd.
2. Linux Host Installed with RHEL 7.4 -> Node machine
3. Since Ansible requires SSH enabled between ansible master and node and don’t have node package, Make sure SSH connection established between Master and node.

Configuring yum repository for patching:
  1. browse https://access.redhat.com/ and login with valid credentials.
  2. Click on Security -> Security Advisories and downlod the necessary packages.
  3. Copy those packages to yum repository where all existing packages are available in Linux host. I downloaded and copied kernel update in my repository.
 
# yum list all | grep 3.10.0-1062.el7
kernel.x86_64 3.10.0-1062.el7 @yum_repo
kernel-headers.x86_64 3.10.0-1062.el7 yum_repo
kernel-devel.x86_64 3.10.0-1062.el7 yum_repo
kernel-tools.x86_64 3.10.0-1062.el7 yum_repo
kernel-tools-libs.x86_64 3.10.0-1062.el7 yum_repo

4. Run createrepo, “yum clean all” & “yum makecache” commands to update the repository along with new RPM’s.

Now the repository is ready for patching.

Ansible playbook for Linux patching:
  1. Login to Ansible Host and change directory to /etc/ansible
#cd /etc/ansible

2. create playbook called “patching.yml” with below content

# vi patching.yml
---
- name: Patch Linux system
hosts: Linux_Servers
become: true
ignore_errors: yes
tasks:
- name: Copy the Kernel Patch Repo File
copy:
src: /etc/yum.repos.d/yum.repo
dest: /etc/yum.repos.d/
- name: Apply patches
yum:
name: kernel
state: latest

3. Edit /etc/ansible/hosts file and provide Linux hosts which needs to be patched and mention group as “Linux_Servers” for those hosts. Host group name has been mentioned in playbook in “hosts: Linux_Servers” portion.

# cat /etc/ansible/hosts
[Linux_Servers]
client.lbc.com

4. Now run the playbook from Ansible host and make SSH connection established between master and client.

# ansible-playbook patching.yml
Before kernel patching:

# uname -a
Linux client.lbc.com 3.10.0-862.el7.x86_64 #1 SMP Wed Mar 21 18:14:51 EDT 2018 x86_64 x86_64 x86_64 GNU/Linux

After kernel Patching:

# uname -a
Linux client.lbc.com 3.10.0-1062.el7.x86_64 #1 SMP Thu Jul 18 20:25:13 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux

We successfuly completed kernel patching. Reference:

Installing Docker on RHEL/ CentOS 8

Docker is a tool that uses kernel modules like namespace and cgroups to run container over single OS Instance.

It provides lightweight and efficient environment to deploy and manage applications by creating containers.

We are going to see Installing docker on RHEL/ CentOS 8 in this post

Installing Docker on RHEL/ CentOS 8

Docker available in below two types:

Docker EE(Enterprise Edition)
Docker CE(Community Edition)

Pre-Requisites:

Uninstall the old version of Docker using below command

yum  -y remove  docker-common docker container-selinux docker-selinux docker-engine

Your existing containers will be remain under /var/lib/docker

Installing dependent packages:
# yum -y install lvm2 device-mapper device-mapper-persis                                                                                        tent-data device-mapper-event device-mapper-libs device-mapper-event-libs
Adding Docker Repository:

Docker Inc still didnt replease Docker for RHEL8/ CentOS 8. So, we can use alternate one which is used for RHEL7/ CentOS7

# curl https://download.docker.com/linux/centos/docker-ce.repo -o /etc/yum.repos.d/docker-ce.repo
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 2424 100 2424 0 0 22238 0 --:--:-- --:--:-- --:--:-- 22238

Docker community edition requires container.io => 1.2.2.3. But, its not available for RHEL/ CentOS 8. So, we need to skip and proceed the the docker installation in our own RISK.

# yum install docker-ce
Docker CE Stable - x86_64 16 kB/s | 21 kB 00:01
Error:
Problem: package docker-ce-3:19.03.5-3.el7.x86_64 requires containerd.io >= 1.2.2-3, but none of the providers can be installed

cannot install the best candidate for the job
package containerd.io-1.2.10-3.2.el7.x86_64 is excluded
package containerd.io-1.2.2-3.3.el7.x86_64 is excluded
package containerd.io-1.2.2-3.el7.x86_64 is excluded
package containerd.io-1.2.4-3.1.el7.x86_64 is excluded
package containerd.io-1.2.5-3.1.el7.x86_64 is excluded
package containerd.io-1.2.6-3.3.el7.x86_64 is excluded
(try to add '--skip-broken' to skip uninstallable packages or '--nobest' to use not only best candidate packages)
Installing docker by skipping unavailable packages
[[email protected] ~]# yum -y install docker-ce --nobest
Output:
Installed:
docker-ce-3:18.09.1-3.el7.x86_64 containerd.io-1.2.0-3.el7.x86_64 docker-ce-cli-1:19.03.5-3.el7.x86_64
container-selinux-2:2.94-1.git1e99f1d.module+el8.0.0+4017+bbba319f.noarch libnftnl-1.1.1-4.el8.x86_64 libcgroup-0.41-19.el8.x86_64
policycoreutils-python-utils-2.8-16.1.el8.noarch libnfnetlink-1.0.1-13.el8.x86_64 libnetfilter_conntrack-1.0.6-5.el8.x86_64
iptables-1.8.2-9.el8_0.1.x86_64


Skipped:
docker-ce-3:19.03.5-3.el7.x86_64


Complete!

Now Docker Version “3:18.09.1-3.el7.x86_64” has been installed.S

Start and enable the Docker service by using below command
# systemctl start docker

# systemctl enable docker
Created symlink /etc/systemd/system/multi-user.target.wants/docker.service â /usr/lib/systemd/system/docker.service.
Check the docker service status
# systemctl status docker
â docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
Active: active (running) since Fri 2020-01-17 05:37:17 UTC; 2min 4s ago
Docs: https://docs.docker.com
Main PID: 15635 (dockerd)
Tasks: 18
Memory: 53.5M
CGroup: /system.slice/docker.service
ââ15635 /usr/bin/dockerd -H fd://
ââ15649 containerd --config /var/run/docker/containerd/containerd.toml --log-level info
Jan 17 05:37:17 ip-172-31-44-32.us-east-2.compute.internal dockerd[15635]: time="2020-01-17T05:37:17.341886251Z" level=info msg="Graph migration to content-addressabil>
Jan 17 05:37:17 ip-172-31-44-32.us-east-2.compute.internal dockerd[15635]: time="2020-01-17T05:37:17.342289173Z" level=warning msg="Your kernel does not support cgroup>
Jan 17 05:37:17 ip-172-31-44-32.us-east-2.compute.internal dockerd[15635]: time="2020-01-17T05:37:17.342309354Z" level=warning msg="Your kernel does not support cgroup>
Jan 17 05:37:17 ip-172-31-44-32.us-east-2.compute.internal dockerd[15635]: time="2020-01-17T05:37:17.342708097Z" level=info msg="Loading containers: start."
Jan 17 05:37:17 ip-172-31-44-32.us-east-2.compute.internal dockerd[15635]: time="2020-01-17T05:37:17.556082824Z" level=info msg="Default bridge (docker0) is assigned w>
Jan 17 05:37:17 ip-172-31-44-32.us-east-2.compute.internal dockerd[15635]: time="2020-01-17T05:37:17.654816733Z" level=info msg="Loading containers: done."
Jan 17 05:37:17 ip-172-31-44-32.us-east-2.compute.internal dockerd[15635]: time="2020-01-17T05:37:17.681089736Z" level=info msg="Docker daemon" commit=4c52b90 graphdri>
Jan 17 05:37:17 ip-172-31-44-32.us-east-2.compute.internal dockerd[15635]: time="2020-01-17T05:37:17.681241065Z" level=info msg="Daemon has completed initialization"
Jan 17 05:37:17 ip-172-31-44-32.us-east-2.compute.internal dockerd[15635]: time="2020-01-17T05:37:17.717122644Z" level=info msg="API listen on /var/run/docker.sock"
Jan 17 05:37:17 ip-172-31-44-32.us-east-2.compute.internal systemd[1]: Started Docker Application Container Engine.

Now check the Docker installation by running a container using anyone the base image

# docker run -it hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
1b930d010525: Pull complete
Digest: sha256:9572f7cdcee8591948c2963463447a53466950b3fc15a247fcad1917ca215a2f
Status: Downloaded newer image for hello-world:latest

Hello from Docker!
This message shows that your installation appears to be working correctly.

To generate this message, Docker took the following steps:
The Docker client contacted the Docker daemon.
The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64)
The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.

To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash

Share images, automate workflows, and more with a free Docker ID:
https://hub.docker.com/

For more examples and ideas, visit:
https://docs.docker.com/get-started/

Allowing non root users:

Check whether group called “Docker” availavle or not

# cat /etc/group | grep docker
docker:x:989:

Since group already exists, Now create a new user

# useradd abu

Check created users details like default UID, GID/ Groups added

# id abu
uid=1001(abu) gid=1001(abu) groups=1001(abu)

Now add “abu” user to “Docker” group as another group.

# usermod -aG docker abu

# id abu
uid=1001(abu) gid=1001(abu) groups=1001(abu),989(docker)

Now we can use this user to run docker instead if using root user.

Setup Docker Repository

Before installing the Docker Engine on your host, you need to setup the repository first. So, will see How to setup Docker Repository in this post.
After that, you can Install/Update the Docker from the repository.

Setup Docker Repository
Setup Docker Repository

Setup Docker Repository:

  1. Yum should be configured on your host. Please use this post to know How to configure yum repository
  2. Than, Packages required: yum-utils, yum-config-manager and device-mapper-persistent-data, lvm2 are required for devicemapper
    Storage driver.
  3. use below command to to install above mentioned packages using yum
#yum install -y yum-utils device-mapper-persistent-data lvm2

Since the packages are already installed on my host, Update has been done

Updated:
device-mapper-persistent-data.x86_64 0:0.8.5-1.el7 lvm2.x86_64 7:2.02.185-2.el7_7.2

Use the below command to setup Docker Repository

#yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
Loaded plugins: fastestmirror
adding repo from: https://download.docker.com/linux/centos/docker-ce.repo
grabbing file https://download.docker.com/linux/centos/docker-ce.repo to /etc/yum.repos.d/docker-ce.repo
repo saved to /etc/yum.repos.d/docker-ce.repo

And check whether the repository added or not by issuing below command

#yum repolist | grep Docker
docker-ce-stable/x86_64 Docker CE Stable - x86_64 63

Installing Docker Engine:

To confirm the successful completion of Repository setup, will try to install New version of Docker engine now using below command.

#yum install docker-ce docker-ce-cli containerd.io 

Installed:
containerd.io.x86_64 0:1.2.10-3.2.el7 docker-ce.x86_64 3:19.03.5-3.el7 docker-ce-cli.x86_64 1:19.03.5-3.el7

Dependency Installed:
container-selinux.noarch 2:2.107-3.el7 libseccomp.x86_64 0:2.3.1-3.el7


Now start the Docker Engine:

# systemctl start docker

# systemctl status docker
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)
Active: active (running) since Thu 2020-01-02 02:14:11 EST; 8s ago
Docs: https://docs.docker.com
Main PID: 60692 (dockerd)
Memory: 37.6M
CGroup: /system.slice/docker.service
└─60692 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock

Jan 02 02:14:10 localhost dockerd[60692]: time="2020-01-02T02:14:10.667134175-05:00" level=info msg="ccResolverWrapper: sending update to cc: {[{unix:/…odule=grpc
Jan 02 02:14:10 localhost dockerd[60692]: time="2020-01-02T02:14:10.667153441-05:00" level=info msg="ClientConn switching balancer to \"pick_first\"" module=grpc
Jan 02 02:14:10 localhost dockerd[60692]: time="2020-01-02T02:14:10.695465002-05:00" level=info msg="Loading containers: start."
Jan 02 02:14:10 localhost dockerd[60692]: time="2020-01-02T02:14:10.952900918-05:00" level=info msg="Default bridge (docker0) is assigned with an IP ad…P address"
Jan 02 02:14:11 localhost dockerd[60692]: time="2020-01-02T02:14:11.018716067-05:00" level=info msg="Loading containers: done."
Jan 02 02:14:11 localhost dockerd[60692]: time="2020-01-02T02:14:11.040693143-05:00" level=warning msg="Not using native diff for overlay2, this may ca…r=overlay2
Jan 02 02:14:11 localhost dockerd[60692]: time="2020-01-02T02:14:11.041056334-05:00" level=info msg="Docker daemon" commit=633a0ea graphdriver(s)=overl…on=19.03.5
Jan 02 02:14:11 localhost dockerd[60692]: time="2020-01-02T02:14:11.041178502-05:00" level=info msg="Daemon has completed initialization"
Jan 02 02:14:11 localhost dockerd[60692]: time="2020-01-02T02:14:11.072808771-05:00" level=info msg="API listen on /var/run/docker.sock"
Jan 02 02:14:11 localhost systemd[1]: Started Docker Application Container Engine.
Hint: Some lines were ellipsized, use -l to show in full.

Now verify the Docker using below command

# docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
1b930d010525: Pull complete
Digest: sha256:4fe721ccc2e8dc7362278a29dc660d833570ec2682f4e4194f4ee23e415e1064
Status: Downloaded newer image for hello-world:latest


Hello from Docker!
This message shows that your installation appears to be working correctly.


To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.


To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash


Share images, automate workflows, and more with a free Docker ID:
https://hub.docker.com/


For more examples and ideas, visit:
https://docs.docker.com/get-started/

Thanks for reading this post and going forward will talk about Docker Engine more…

Reference: Docker Docs

Upgrading NIOS Software

Will see Upgrading NIOS Software in this post.

Before upgrading do the pre-implementation things for safer side mentioned below.

Check the current version of Infoblox execute below command in web console

admin> show version
Upgrading NIOS Software

Check the license using below command in web console

admin> show license

Note: If the NIOS holding temp license, it’s not advisable to upgrade the Version. It will lead to lose the GUI

Now we must take the Infoblox appliance database backup. Here we are mentioning NIOS configuration and discovery files as database. If anything goes wrong, we can use this backup to restore it to previous stat of the NIOS.

Grid -> Grid Manager -> Backup -> Manual Backup
-> My Computer -> Backup
  1. Download the upgrade binaries (Bin/ Bin2) file from Infoblox support portal and do remember the path where you saved the file

https://support.infoblox.com

Step 1: 

Click on download tab and you will get next screen. From there select “NIOS Archives (.BIN/2 files)”

Upgrading NIOS Software

Step 2:  

             Once selected “NIOS Archives (.BIN/2 files)” from the dropdown list, next click on “Available for download” button

Upgrading NIOS Software

Step 3: 

      On next step you will get list of available download and from there click the appropriate version BIN or BIN2 file to download the upgrade. We can avoid “.DDI.OVA FILES” and “CHECKSUM FILES”, because it not required for the upgrade process.

Upgrading NIOS Software

Recommended to download the .BIN Files for the appropriate version.

Download and keep it in a host which in same network to upload in Grid Master GUI for upgrade and do remember the path.

Upgrading NIOS Software:

  1. Upload the binaries to Infoblox Grid Master (Grid -> Upgrade -> Upload)
  2. Once upload completed, Distribute button will be enabled. Then click on Distribute  to distribute the uploaded binaries to remote nodes (Grid -> Upgrade -> Distribute)
  3. Once distribution completed, Test button will be enabled. To verify the integrity of upgrade files click Test (Grid -> Upgrade -> Test)
  4. Finally click on upgrade to apply the update (Grid -> Upgrade -> Upgrade)

Post Upgrade of NIOS please do the below checks:

  • 1. Revert all nodes to the previous version (Grid -> Upgrade -> Revert -> Grid)

             Grid Master will display warning message. Read the warning carefully and then click Yes to proceed further.

  • In absence of Grid Master GUI, we can restore the backup to set NIOS Configuration to the previous stat.

Reference: Infoblox document

How to install RHEL 8

We are going to learn how to install RHEL 8 Operating system in this post. It supports “Appliction Stream” which will allow developer tools and read our previous post to know more about RHEL 8 features.

Minimum System Requirements:

  • 4 GB RAM
  • 20 GB unallocated disk space
  • 64-bit x86 or ARM System

and it will supports below architecture,

  • AMD or Intel x86 64-bit
  • 64-bit ARM
  • IBM Power Systems, Little Endian & IBM Z

Keep the RHEL 8 Media or Image file ready to start the installation. Use the below link to download RHEL 8

https://access.redhat.com/downloads/

Boot the system using RHEL 8 media or image file and it will start the installation like below and by using “Tab” select “RedHat Enterprise Linux 8.0.0″and press “Enter” key in keyboard to start the installation.

How to install RHEL 8

On next screen, you will get a list that is asking you to select the System language and keyboard layout like below. Select your preferred language and click on continue

How to install RHEL 8

Then next you will get a screen which is the place to provide all information to install the operating system. Click on “Installation Destination” for partitioning.

How to install RHEL 8

In next screen, select “Automatic” for auto partitioning, which is done by Operating System itself. In this option i will take all the available disk for installation

Select “Custom” to do partitioning by yourself. Here you need to select the required mount points and size concern to that mounts. Default mount points will be /(root), swap, /boot. See the below screenshots of custom partitioning which i done in this installation.

How to install RHEL 8

Select the partition type “Standard Partition, LVM, LVM Thin Provisioning” which type you want to create partition. Here i selected LVM type for this installation. LVM is best option where you can extend or reduce the partition size whenever needed.

How to install RHEL 8

Select Filesystem(partition) and provide size of the filesystem like below

How to install RHEL 8

Finally i have created few of the filesystems using available disk space with LVM. Click on done from the top left side of the screen.

How to install RHEL 8

Next screen it will ask for the confirmation to make changes in disk. So, Click on “Accept Changes” to proceed further.

How to install RHEL 8

Next you can see a window where you can select the Language, Date and time, Time zone, network settings, Installation source, Installation Destination and Software selection.

Click on “software selection”

How to install RHEL 8

You will find a screen like below. From that you can select the option based on you Configuration, for what you are going to use this server. I used “Minimal Install”. Click on Done from the top left side corner of the screen and again click “Begin Installation”.

How to install RHEL 8

Now it will start the installation and the same time it will show you the option to set password for root user and if you want to create any other user, you can create and click “Done”

How to install RHEL 8
How to install RHEL 8

After the Installation click on “Reboot” from the bottom right side corner of the screen and finally system will boot up with new operating system installed and prompt for username and password.

How to install RHEL 8

Now your system is ready for production.

Thanks for reading this post.

Reference: RedHat Documentation

RedHat Enterprise Linux 8 (RHEL 8) released





RedHat Enterprise Linux 8 (RHEL 8) released

RedHat Enterprise Linux 8 (RHEL 8) released on 7th May 2019 and another important thing is that this happened after acquisition of RedHat by IBM on 28th October 2018.

Release Date:

RHEL 8 released on 7th May 2019 and now its available for production environment.

RHEL 8 Download link:

RedHat Enterprise Linux 8 (RHEL 8) released

Architecture:

AMD64, Intel 64-bit, 64-bit ARM, IBM Power Systems, and IBM Z 

Overview:

RHEL 8 uses upstream Linux kernel 4.18

This is Secure, Stable and good foundation for hybrid cloud deployments.

New Features:

It Supports 4PB Physical memory

Wayland is default display server, instead of Xorg.

XFS supports shared copy-on-write data extends.

Now cockpit is default package and it comes along with RedHat OS image

RHEL 8 distributed with two main repositories: BaseOS & AppStream

RHEL 8 comes with new version of yum which is based on DNF.

nftables replaces iptables in network framework and we can convert existing iptables rules to nftables format for use.

Nginx 1.14 available in default repository.

Now in RHEL 8 sosreport can report any load of eBPF (extended Berkeley Packet Filtering) programs and maps

Geoliet2 database replaces geolite

In Cluster part we have new pcs commands to list and test available watchdog devices.

In the next post will see how to install RHEL 8

Reference: RedHat access portal

How to Register and Enable RedHat Subscriptions, Repositories for RHEL7

How to Register and Enable RedHat Subscriptions, Repositories for RHEL7

This post will guide you to know How to Register and Enable RedHat Subscriptions, Repositories for RHEL7 before system full upgrade or to install any packages from EPEL Repository in RedHat.

Enabling RedHat repositories are mandatory to install any packages using yum. RedHat subscription has the registered system details once the registration has been done.

Requierment:

All we need is newly installed system with RedHat 7.

Registering and Activating RedHat Subscrition:

As a first step we should go to the RedHat Customer portal and register there. After the successful registration do remember the credentials.

Now login to the RHEL7 server and use the below command to register your system to RedHat Customer portal with RedHat credentials which you created just before

#subscription-manager register --username <username> --password <password>

Once register your system, use the “list” option to get the all available subscription and than note down the subscription pool id which you need to activate it.

#subscription-manager list -available

if your not getting any list, than your system registration with RedHat customer portal is not purchased for subscription. Please get in touch with RedHat to proceed further.

Once you got the list of available subscription, you can use the below command to activate the subscription

#subscription-manager subscribe --pool=Pool ID number

To know the status of consumed subscription use the below command

#subscription-manager list –consumed

To list the available subscription use the below command

#subscription-manager list

Once your system registered with RedHat customer portal and activated subscription, you can enable the repositories . Use the below command to list the repositories for you subscription.

#subscription-manager repos --list

use the below command to list the available repository

#yum repolist all

To enable a specific repository, open “vi /etc/yum.repos.d/redhat.repo” file and ensure that “enbaled=1” for concern repository which you want to enable

Now list only enabled repository by executing below command

#yum repolist

Now you can use required yum commands to update your system/ install any packages like below

#yum update
#yum install <package_name>

Reference: RedHat portal

How to install Nagios Core server 4.4.3 on RHEL 6/7 & CentOS 6/7

This post will help you to know How to install Nagios Core server 4.4.3 on RHEL 6/7 & CentOS 6/7.

Nagios is a powerful monitoring tool. It will help to monitor a infrastructure.

It will monitor applications, service and entire infrastructure.

Required Packages:

  1. httpd
  2. php
  3. php-cli
  4. gcc
  5. unzip
  6. wget
  7. glibc
  8. glibc-common
  9. gd
  10. gd-devel
  11. net-snmp
[[email protected] ~]yum install httpd php php-cli gcc unzip wget glibc glibc-common gd gd-devel net-snmp

As we have installed httpd and this will be useful when we access the Nagios core to manage through web console.

 [[email protected] yumrepo]# systemctl start httpd 

Now create Nagios user account using below command:

[[email protected] yumrepo]# useradd Nagios
[[email protected] yumrepo]# passwd nagios
Changing password for user nagios.
New password:
BAD PASSWORD: The password contains the user name in some form
Retype new password:
passwd: all authentication tokens updated successfully.

Now we need to create a group “nagcmd” to setup Nagios and then add the users “nagios” & “apache”   to be a part of group: nagcmd

[[email protected] yumrepo]# groupadd nagcmd
[[email protected] yumrepo]# usermod -a -G nagcmd nagios
[[email protected] yumrepo]# usermod -a -G nagcmd apache

Ñow its time to start Nagios Core server installation

Since Nagios third party tool, we need to download first for installation using below commands:

[[email protected] ~]# cd /opt
[[email protected] opt]# wget https://assets.nagios.com/downloads/nagioscore/releases/nagios-4.4.3.tar.gz
[[email protected] opt]# tar -xvf nagios-4.4.3.tar.gz
[[email protected] nagios-4.4.3]# ./configure --with-command-group=nagcmd
[[email protected] nagios-4.4.3]# make all
[[email protected] nagios-4.4.3]# make install
[[email protected] nagios-4.4.3]# make install-init
[[email protected] nagios-4.4.3]# make install-daemoninit
[[email protected] nagios-4.4.3]# make install-commandmode
[[email protected] nagios-4.4.3]# make install-config
[[email protected] nagios-4.4.3]# make install-exfoliation

Now configure Apache for Nagios installation using below command:

[[email protected] nagios-4.4.3]# make install-webconf

Will configure Apache authentication for nagiosadmin which is default user. Don’t change this username. If you are changing then need to do more changes in configuration file.

[[email protected] nagios-4.4.3]# htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin

Now restart the apache

[[email protected] nagios-4.4.3]# systemctl restart httpd

As a next step need to install Nagios plugins, once installed Nagios core using below commands:

[[email protected] nagios-4.4.3]# cd /opt
[[email protected] opt]# wget http://nagios-plugins.org/download/nagios-plugins-2.2.1.tar.gz
[[email protected] opt]# tar -xvf nagios-plugins-2.2.1.tar.gz
[[email protected] opt]# cd nagios-plugins-2.2.1

Now install and compile the plugins using below command:

[[email protected] nagios-plugins-2.2.1]# ./configure --with-nagios-user=nagios --with-nagios-group=Nagios
[[email protected] nagios-plugins-2.2.1]# make
[[email protected] nagios-plugins-2.2.1]# make install

We installed Nagios core and plugins. So, now will check and verify the configuration using below command:

[[email protected] nagios-plugins-2.2.1]#
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

The output should give 0 Errors and 0 Warnings. If you get the same, then will start the Nagios like below

[[email protected] nagios-plugins-2.2.1]# systemctl start
nagios     

Check SELinux mode using below command:

[[email protected] ~]getenforce
Enforcing

If SELinux is in Enforcing mode, Than change it to Permissive mode or disable it like below

[[email protected] ~]# setenforce 0

Now make sure to enable web server permanently in firewall using below command:

[[email protected] ~]# firewall-cmd --permanent
--add-service=http

Execute below command to make affect in firewall changes which we did using our previous command

[[email protected] ~]# firewall-cmd –reload

Finally we have done everything and now will check whether the web console working on not

Enter url like below in your web browser and replace the IP_ADDR with your server ip

http://IP_ADDR/nagios

It will ask for the username and password. Remember that we already created a user name “nagiosadmin”. We can use that to login the console.

How to install Nagios Core server 4.4.3 on RHEL 6/7 & CentOS 6/7

Enter the nagiosadmin credentials and the web console looks like below

How to install Nagios Core server 4.4.3 on RHEL 6/7 & CentOS 6/7

From the left side pan click on “Hosts” and it will show list of hosts which is added for monitoring.
Since, we doesn’t added any host, it will show only localhost, which is Nagios server like below

How to install Nagios Core server 4.4.3 on RHEL 6/7 & CentOS 6/7

Finally we installed and configured Nagios server. Thanks for readin

what is split brain syndrome in clusters?

In this post we are going to see what is split brain syndrome in clusters?

Split brain syndrome is a state on a cluster where each cluster nodes are divided into small clusters and each one will believe themselves as itself only an active cluster.

Each nodes believes that all other nodes are dead and simultaneously will try to access the same data/ disks, which can be lead to data corruption. This situation will occur during the cluster reformation.

When one or more nodes fails, the cluster itself will reform the cluster with the available nodes.

Note: High Availability clusters will use some mechanism like CMAN, Pacemaker, HP ServiceGaurd, and Linux HA to avoid split brain syndrome.

Common methods to address split brain syndrome:

  1. I/O Fencing
  2. Quorum/ Local Disk
  3. Quorum Server
  4. Tie – Breakers
  5. STONITH(Shoot The Other Node In The Head)