Configuring Time Server on Redhat Atomic Host

April 12, 2017

Configuring Time Synchronization in atomic host is different from general redhat/centos implementation.

to configure ntp client do these steps:

1-Go to /etc/chrony.conf and add time server to this as below:

timeserver   ipoftimeserver

2-issue systemctl daemon-reload to apply configuration

3-issue the command to reset chrony daemon:

systemctl restart chronyd

systemctl enable chronyd ( to start daemon in boot time)

4-Issue the commands below to check the sync state:

chronyc trackning

chronyc sources

chronyc sourcestats

 

Advertisements

Created slice & Starting Session

November 29, 2016

In redhat version 7, when you start a session the /var/log/message will be filled by logs like below for every user login:

systemd-logind: New session 827 of user root
systemd: Started Session 827 of user root.
systemd: Starting Session 827 of user root. to eliminate this refer to the following article from redhat:

https://access.redhat.com/solutions/1564823

which recommends:1-create a file named ignore-systemd-session-slice.conf in /etc/rsyslog.d

2-add this command to it:if $programname == “systemd” and ($msg contains “Starting Session” or $msg contains “Started Session” or $msg contains “Created slice” or $msg contains “Starting user-“) then stop

3-restart rsyslog : systemctl restart rsyslog

 

 

1

 

Change max open file

November 15, 2016

If you are using oracle linux and you have installed package oracle-rdbms-server-12cR1-preinstall on it, for changing max open file parameter, look at this file:
/etc/security/limits.d/oracle-rdbms-server-12cR1-preinstall.conf

changing the value on /etc/security/limits.conf does not work!

Redhat NIC Bonding

October 22, 2016

Here is some articles on nic bonding:

Red Hat / CentOS : How to create interface / NIC bonding

Create NIC Channel Bonding in RedHat/CentOS/Fedora

Ethernet Channel Bonding aka NIC Teaming on Linux Systems

Installing JRE on AIX

October 5, 2016

1-Download jre from the following link:
https://www.ibm.com/developerworks/java/jdk/aix/service.html

2-tar –xvf Java8_64.jre.tar
3-inutoc .
4-smitty installp and install java or use installp -agXYd . java8_6
5-Confirm installation by using :lslpp -l | grep -i java
6-Set JAVA_HOME environment variable as below:
If you are using bash, ash, ksh or some other Bourne-style shell
Open .profile file, add JAVA_HOME line and add java path. The .profile file looks like below after changes.
JAVA_HOME=/usr/java8_64/jre;export JAVA_HOME
PATH=/usr/java8_64/jre/bin:/usr/bin:/etc:/usr/sbin:/usr/ucb:$HOME/bin:/usr/bin/X11:/sbin or use /etc/environment file to put java path for all users.
export PATH
7-verify java version by using java -version

Securing SSH

October 4, 2016

After applying PKI on infrastructure, the following parameters may be change in sshd configuration file:
protocol 2
PermitRootLogin without-password
PubKeyAuthentication yes
ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM yes

Disable SSH Password Authentication

September 15, 2016

Once you have SSH Keys configured, you can add some extra security to your server by disabling password authentication for SSH.

To disable this setting, you can do the following:
vi /etc/ssh/sshd_config

Set the following settings to the following values. If these settings are already in the file, set them to “no” rather than add new lines.
ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM no

Restart the SSH service to apply the settings.
/etc/init.d/sshd restart or service sshd restart

INSTALL ZABBIX AGENT ON AIX

August 9, 2016

1-Download Zabbix Agent for AIX from zabbix website:http://www.zabbix.com/download.php (I have used this version zabbix_agents_2.2.9.aix6100.powerpc.tar on AIX 71-TL04 )
2-Extract the file and go the folder (You will see three folders named bin conf and sbin)
Start configuring agent:
3-create zabbix group by command: mkgroup zabbix
4-create zabbix user and add it to zabbix group by command: mkuser pgrp=’zabbix’ groups=’zabbix’ zabbix
5-create configuration directory by this command: mkdir /etc/zabbix
6-create log location: mkdir /var/log/zabbix
7-assign permission to zabbix user: chown -R zabbix:zabbix /var/log/zabbix
8-create configuration directory by this command mkdir -p /usr/local/etc/
9-create zabbix process file directory: mkdir -p /var/run/zabbix
10-assign permission to zabbix user : chown -R zabbix:zabbix /var/run/zabbix
11-install zabbix_get and zabbix_sender binary cp bin/zabbix_* /bin
12-install zabbix_agent and zabbix_agentd binary cp sbin/zabbix_agent* /sbin
13-copy configuration files cp -r conf/zabbix_agent* /etc/zabbix
14-create link ln -s /etc/zabbix/zabbix_agentd.conf /usr/local/etc/zabbix_agentd.conf
15-create a backup from original config file and modify parameters as below:
DebugLevel=3
EnableRemoteCommands=1
Hostname=hostname
LogFile=/var/log/zabbix/zabbix_agentd.log
PidFile=/var/run/zabbix/zabbix_agentd.pid
Server=SERVERIP
16-start zabbix server by runnix zabbix_agentd
17-make zabbix agent to start at boot:mkitab “zabbix:2:once:/sbin/zabbix_agentd >/dev/null 2>&1”

MONITORING MYSQL WITH ZABBIX on RHEL

August 8, 2016

To configure mysql database with zabbix server you can do as follow:

(TEST ON ZABBIX 3.0 And MYSQL 5.7)

1-On mysql server, the zabbix agent should be installed.

2-Assign permission to zabbix user as below:

mysql>grant usage on *.* to ‘zabbix’@’127.0.0.1’ identified by ‘goodpassword’;

mysql>grant usage on *.* to ‘zabbix’@’localhost’ identified by ‘goodpassword’;

mysql>flush privileges;

3-Under /etc/zabbix create a file as below :

vi /etc/zabbix/.my.cnf

[mysql]

user=zabbix

password=goodpassword;

[mysqladmin]

user=zabbix

password=goodpassword;

4-Edit the file /etc/zabbix/zabbix_agentd.d/userparameter_mysql.conf and replace all HOME=/var/lib/zabbix with HOME=/etc/zabbix(instead of this, you can create /usr/lib/zabbix folder and create the .my.cnf file in that location)

5-Restart the zabbix agent by service zabbix-agent restart

6-Assign mysql template on zabbix server to target mysql server and the data should be available.

 

August 7, 2016

Configuring zabbix version 3.x to send email notifications is a little different from version 1.x and 2.x.

you should create the zabbix_sendemail.sh script as below: ( put it on /usr/lib/zabbix/alertscripts )

#!/bin/bash
export smtpemailfrom=ZabbixAlert@yourdomain.com
export zabbixemailto=”$1″
export zabbixsubject=”$2″
export zabbixbody=”$3″
export smtpserver=mail.yourdomain.com
export smtplogin=zabbixalert@yourdomain.com
export smtppass=ZabbixAlertPassword
export email_log=/tmp/zabbix_email_log.log
/usr/bin/sendEmail  -l /tmp/zabbixmail.log -f “$smtpemailfrom” -t “$zabbixemailto” -u “$zabbixsubject” -m “$zabbixbody” -s “$smtpserver:25” -xu “$smtplogin” -xp “$smtppass”

Configure a media type as script and put zabbix_sendemail as name and script name and do with script parameters section as below:

{ALERT.SENDTO}

{ALERT.SUBJECT}

{ALERT.MESSAGE}

It is done and you should receive email notifications successfully if you have defined it in your actions on required triggers.