Linuxtechi

How to Install and Use Terraform on CentOS 8

In this guide, we will show you how to install and use Terraform on CentOS 8. Before we proceed further, what is Terraform? Created by Hashicorp, Terraform is a free and opensource declarative coding tool that allows you to automate and manage your IT infrastructure and various services that run on servers. In fact, Terraform is popularly referred to as ‘Infrastructure as a Code’ tool.

Terraform makes use of a simple syntax to efficiently and safely provision resources across on-premise and cloud platforms such as Microsoft Azure, Google Cloud Platform and AWS. Where required, it can also re-provision these changes in response to changes in configuration.

Without much further ado, let us walk you through the installation steps.

Installation of Terraform on CentOS 8

First up, head over to the official Terraform download site and download the latest zip file. By the time of writing down this guide, the latest version is Terraform 0.13.3. To download use the wget command as shown

[[email protected] ~]$ wget https://releases.hashicorp.com/terraform/0.13.3/terraform_0.13.3_linux_amd64.zip

Once downloaded, unzip the file to the /usr/local/bin path using the -d switch as shown.

[[email protected] ~]$ sudo unzip terraform_0.13.3_linux_amd64.zip -d /usr/local/bin
Archive:  terraform_0.13.3_linux_amd64.zip
  inflating: /usr/local/bin/terraform
[[email protected] ~]$

Alternatively, you can locally unzip the file in your current working directory and later move the unzipped directory to the /usr/local/bin destination.

[[email protected] ~]$  unzip terraform_0.13.3_linux_amd64.zip
[[email protected] ~]$  mv terraform /usr/local/bin

To confirm that everything went as expected, invoke the following command:

[[email protected] ~]$ terraform -v
Terraform v0.13.3
[[email protected] ~]$

And that’s it! We are done installing Terraform.  The output confirms that Terraform is successfully installed on our system. As you can see, installing Terraform is quite a simple and straightforward procedure.

Terraform in action – Deploying a VM in GCP

To get a better understanding of how Terraform can be used to provision resources, we are going to demonstrate how to deploy a vm on Google cloud.

But first, you need to have a Google Cloud account with billing enabled. Usually, you get $300 worth of free credit during your free trial. In this demo, we are using a free trial.

Once you have logged in, click on the cloud shell icon as shown

Activate-Cloud-Shell-Terraform

This will initialize the Google cloud shell at the bottom of your screen. This usually takes a few seconds.

GCP-Cloud-shell-Screen

Next, we are going to install Terraform locally using docker to make it more convenient. To make it more persistent on restarts, we will install it into $HOME/bin as shown.

$ docker run -v $HOME/bin:/software sethvargo/hashicorp-installer terraform 0.13.3
$ sudo chown -R $(whoami):$(whoami) $HOME/bin/

Next, add bin to the path as shown

$ export PATH=$HOME/bin:$PATH

At this point, terraform is installed. Next, you need to enable the Cloud Engine API to make the API available for use.

$ gcloud services enable compute.googleapis.com

We are going to download a terraform configuration file from Github. The configuration file initializes a compute instance (virtual machine) that installs Apache webserver with a custom configuration. The compute engine is assigned a unique name and an external IP address that you will use to access the webserver.  To download the config file, run:

$ curl -sSfO https://raw.githubusercontent.com/sethvargo/terraform-gcp-examples/master/public-instance-webserver/main.tf

Use cat command to view the contents of main.tf file

$ cat main.tf

Here’s just a snippet of the …

0
Read More

How to Setup Private Docker Registry in Kubernetes (k8s)

It is always recommended to have private docker registry or repository in your Kubernetes cluster. Docker private registry allows the developers to push and pull their private container images. Once the application’s containers are pushed to private registry then developers can use the path of their private registry while creating and deploying their yaml files.

In this article, we will learn how we can deploy private docker registry as a deployment on top of Kubernetes cluster. I am assuming Kubernetes cluster is already up and running.

Kubernetes lab details for setting up private docker registry

  • k8s-master – 192.168.1.40 – CentOS 7
  • k8s-worker-1 – 192.168.1.41 – CentOS 7
  • k8s-worker-2 – 192.168.1.42  – CentOS 7
  • kadmin user with sudo rights
  • NFS share ‘/opt/certs’ & ‘/opt/registry’

Note:  In my case, I have setup nfs server on master node and exported /opt/certs and /opt/registry as nfs share.

Before starting the deployment of private registry, please make sure these nfs shares are mounted on each worker nodes. Run the following commands on each worker node.

$ sudo mkdir /opt/certs /opt/registry
$ sudo mount 192.168.1.40:/opt/certs /opt/certs
$ sudo mount 192.168.1.40:/opt/registry /opt/registry

For permanent mount, add nfs entries in /etc/fstab file.

In place of mounting these nfs shares, we can also create nfs based persistent volumes and later we can use these persistent volumes in yaml file.

Let’s dive into installation and configuration steps of private docker registry in Kubernetes.

Step 1) Generate self-signed certificates for private registry

Login to your control plane or master node and use openssl command to generate self-signed certificates for private docker repository.

[[email protected] ~]$ cd /opt
[[email protected] opt]$ sudo openssl req -newkey rsa:4096 -nodes -sha256 -keyout ./certs/registry.key -x509 -days 365 -out ./certs/registry.crt

Private-Docker-Repo-Key-Cerificate-k8s

Once the key and certificate file are generated, use ls command to verify them,

[[email protected] opt]$ ls -l certs/
total 8
-rw-r--r--. 1 root root 2114 Sep 26 03:26 registry.crt
-rw-r--r--. 1 root root 3272 Sep 26 03:26 registry.key
[[email protected] opt]$

Step 2) Deploy private registry as deployment via yaml file

On your master node, create a private-registry.yaml file with the following contents

[[email protected] ~]$ mkdir docker-repo
[[email protected] ~]$ cd docker-repo/
[[email protected] docker-repo]$ vi private-registry.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: private-repository-k8s
  labels:
    app: private-repository-k8s
spec:
  replicas: 1
  selector:
    matchLabels:
      app: private-repository-k8s
  template:
    metadata:
      labels:
        app: private-repository-k8s
    spec:
      volumes:
      - name: certs-vol
        hostPath:
          path: /opt/certs
          type: Directory
      - name: registry-vol
        hostPath:
          path: /opt/registry
          type: Directory

      containers:
        - image: registry:2
          name: private-repository-k8s
          imagePullPolicy: IfNotPresent
          env:
          - name: REGISTRY_HTTP_TLS_CERTIFICATE
            value: "/certs/registry.crt"
          - name: REGISTRY_HTTP_TLS_KEY
            value: "/certs/registry.key"
          ports:
            - containerPort: 5000
          volumeMounts:
          - name: certs-vol
            mountPath: /certs
          - name: registry-vol
            mountPath: /var/lib/registry

save and close the yaml file

private-registry-deployment-yaml-k8s

Run the following kubectl command deploy the private registry using above created yaml file,

[[email protected] docker-repo]$ kubectl create -f private-registry.yaml
deployment.apps/private-repository-k8s created
[[email protected] docker-repo]$

Execute below kubectl commands to verify status of registry deployment and its pod.

[[email protected] ~]$ kubectl get deployments private-repository-k8s
NAME                     READY   UP-TO-DATE   AVAILABLE   AGE
private-repository-k8s   1/1     1            1           3m32s
[[email protected] ~]$
[[email protected] ~]$ kubectl get pods | grep -i private-repo
private-repository-k8s-85cf76b9d7-qsjxq   1/1     Running   0          5m14s
[[email protected] ~]$

Perfect, above output confirms that registry has been deployed successfully, Now copy the registry certificate file to worker nodes and master node under the folder “/etc/pki/ca-trust/source/anchors“. Execute the following commands on …

0
Read More

How to Setup Jenkins on CentOS 8 / RHEL 8

In this article, we will acquire a knowledge of how-to setup the Jenkins on CentOS 8 or RHEL 8. We will also go through why there is a need of an additional tool for delivering a project. But before we start with all gun blazing and put this tool to work, we should know what it is exactly and why it is needed.

Jenkins is an open-source software for continuous software development. It is based on Java and it is the only tool which can be used in every part of software development cycle.

What is Jenkins ?

Jenkins is a CI/CD tool. Here CI means continuous integration and CD means continuous delivery. Jenkins is also considered as automation tool or server, It helps to automate software development which are related to building, testing and deploying. It is a server-based tool which runs on servlet containers like Apache Tomcat.

Why do we need Jenkins tool?

As maximum organization is now having agile process. Agile methodology is a practice that promotes both continuous integration and continuous delivery, it has scrum process that can be of 2/3 weeks, which is also known as scripts. In every sprint developers and tester has to do continuous development and testing with continuous integration and continuous delivery. In every sprint client get the privilege to check that the software/application is building according to the given requirement. They also have the leverage to change/update the requirement according to their business needs. This is one of the main reasons why Jenkins is one of the most popular tools in the market nowadays.

Prerequisites:

  • Minimal CentOS 8 / RHEL 8
  • User with sudo rights
  • Stable Internet Connection
  • For RHEL 8 system, active subscription is required.

Jenkins Lab details:

  • Host Name: Jenkins.linuxtechi.com
  • IP Address: 192.168.1.190
  • SELinux : Enabled
  • Firewall: Running

Installation Steps of Jenkins on CentOS 8 / RHEL 8

Step 1) Update hosts file and apply updates

Add the following hostname entry in /etc/hosts file, run below echo command:

[[email protected] ~]$ echo "192.168.1.190   jenkins.linuxtechi.com" | sudo tee -a /etc/hosts

Install all the available updates using the beneath dnf command,

[[email protected] ~]$ sudo dnf update -y

Once all the updates are installed successfully then reboot your system once.

[[email protected] ~]$ sudo reboot

Step 2) Enable Jenkins Package Repository

Run the following command to enable Jenkins package repository for CentOS 8 / RHEL 8,

[[email protected] ~]$ sudo dnf install wget -y
[[email protected] ~]$ sudo wget http://pkg.jenkins-ci.org/redhat-stable/jenkins.repo -O /etc/yum.repos.d/jenkins.repo

Run below rpm command to import GPG key for Jenkins packages

[[email protected] ~]$ sudo rpm --import https://pkg.jenkins.io/redhat/jenkins.io.key

Step 3) Install Java and Jenkins with dnf command

Java is one of the perquisites for Jenkins, so run below dnf command to install java

[[email protected] ~]$ sudo  dnf install -y java-11-openjdk-devel

Verify the java version using below command:

[email protected] ~]$ java --version

Java-version-check-centos8

Now install Jenkins using beneath dnf command,

[[email protected] ~]$ sudo dnf install -y jenkins

dnf-install-jenkins-centos8

Step 4) Start and Enable Jenkins Service via systemctl

Run following systemctl command to start and enable Jenkins service

[[email protected] ~]$ sudo systemctl start jenkins
[[email protected] ~]$ sudo systemctl enable jenkins

Verify Jenkins service status by running following command,

[[email protected] ~]$ sudo systemctl status jenkins

Jenkins-Service-Status-CentOS8

Above output confirms that Jenkins service is active and running.

Step 5) Configure

0
Read More

9 tee Command Examples in Linux

Linux Tee command is a command line tool, it reads from the standard input and write the result to standard output and files at the same time.In other words, we can say, tee command in Linux used for hitting two birds with one stone: reading from standard input and printing the result on a file and to standard output at the same time. What do we mean by this? In this guide, we shed more light on Linux tee command and use a few examples to demonstrate its usage.

Tee Command Syntax

The tee command syntax is quite simple and takes the following format:

$ tee OPTIONS filename

Here are some of the options that you can use with tee command:

linux-tee-command-options

In tee command’s syntax, filename refers to one or more files.

With that in mind let’s check out a few examples on how the command is used.

Example 1) Basic usage of tee command

As described earlier, the main function of the tee command is to display the output of a command (stdout) and save it in a file. In the example below, the command we are inspecting the block devices in our system and piping the results to tee command which display the output to the terminal while simultaneously saving it on a new file called block_devices.txt

$ lsblk | tee block_devices.txt

lsblk-tee-command-output-linux

Feel free to examine the contents of the block_devices.txt file using the cat command as shown:

$ cat block_devices.txt

Example 2) Save command output to multiple files using tee

Additionally, you can write a command’s output to several space-separated files as shown in the syntax below.

$ command | tee file1 file2 file3 . . .

In the following example, we have invoked the hostnamectl command to print the hostname of our system among other details and save the standard output to two files file1.txt, and file2.txt

$ hostnamectl | tee file1.txt file2.txt

tee-command-output-files-linux

Once again, you can confirm the existence of the output in the two files using the cat command as shown:

$ cat file1.txt
$ cat file2.txt

Example 3) Suppress output of tee command

If you want to hide or suppress tee command from printing the output on the screen then redirect the output to /dev/null as shown:

$ command | tee file > /dev/null

For example,

$ df -Th | tee file4.txt > /dev/null

tee-command-suppress-output

Example 4) Append output to a file with tee command

By default, tee command overwrites the contents of a file. To append the output and prevent the erasure of the current content, use the -a or –append options.

$ command | tee -a file

In the second command, as shown, we have appended the output of date command to file1.txt which already contains the information about the USB devices on the system.

$ date | tee -a file1.txt

Append-output-tee-command-linux

Example 5) Use tee together with sudo command

Suppose that as a sudo user, you want to write on a file that is owned by the root user. Naturally, any elevated operation will require that you invoke the sudo user before the command.

To achieve this, simply prefix the tee command with sudo as shown below.

$ echo "10.200.50.20 db-01" | sudo tee -a /etc/hosts/

tee-with-sudo-command-linux

So, tee receives the …

0
Read More

9 Quick chmod Command Examples in Linux

Chmod command in Linux is used to change or assign permissions on files and directories. In Linux / Unix systems, accessibility to files and directories is determined by file ownership and permissions. In a previous article, we looked at how to manage file & directory ownership using the chown command. In this tutorial, we look at the chmod command.

The chmod command, short for change mode is used to manage file and directory permissions and determines who can access them. Let’s now dive in and explore the nature of file & directory permissions and how they can be modified.

Linux permissions

To better understand how the chmod command works, it’s prudent that we study the Linux file permissions model.

In Linux, we have 3 types of file permissions: read (r), write (w) and execute (x) permissions. These permissions determine which users can read, write or execute the files. You can assign these permissions using the text or octal (numeric) notation as we shall later discuss in this tutorial.

Files and directories can belong to either the owner of the file (u), group (g) or others (o)

  • u   –  Owner of the file
  • g   –  Group
  • o   –  Others

File permissions are listed using the ls -l command. The -l flag lists the file permissions. The permissions are arranged in three sets: the user, group and others respectively

To get a better understanding of file permissions, we are going to list the contents of our directory as shown:

$ ls -l

file-directory-permissions-linux

Starting from the extreme left, the first character/symbol indicates the file type. A hyphen (-) indicates that the file is a regular file. The symbol d indicates that it is a directory. Symbol l indicates that it’s a symbolic link.

The remaining nine characters are segmented into 3 triplets each bearing three symbols r(read), w(write) and x(execute). As pointed out earlier, the first segment points to the owner permissions, the second indicates the group permissions and the last portion specifies the permissions that other users have on the file or directory.

From the output, we can see that we have 2 files (hello.txt & reports.zip) and a single directory.

Let’s examine the first file

-rw-rw-r-- 1 linuxtechi linuxtechi   35 Aug 17 15:42 hello.txt

For the first file, the -rw-rw-r– permissions imply that the owner of the file has read and write permissions, the group also bears read & write permissions, while other users only have read permissions. The same permissions also apply for the reports.zip compressed file.

Let’s look at the directory’s permissions:

drwxrwxr-x 2 linuxtechi linuxtechi 4096 Aug 17 15:43 sales

We can see that the owner of the directory and group has all the permissions (read, write and execute) while other users have read and execute permissions only.

The triple hyphen symbols — indicate no permissions have been granted for either the owner of the file, group or other users.

Using chmod command to set file & directory permissions

Having looked at the file permissions and how to view them, let’s no focus on how to modify these permissions.

The chmod command in Linux is used to change file and directory permissions using either text (symbolic) or numeric (octal) notation. It takes …

0
Read More

Top 12 Command Line Tools to Monitor Linux

Being a Linux administrator is not an easy job. It takes lot of time, patience, and hard work to keep the systems up and running. But Linux System Admins can take some breather as they have some help in the form of command line monitoring tools. These tools help them to keep a tab on the Linux server performances and fix anything if found abnormal. In this article, we will look at the top 12 command line tools to monitor Linux performance.

1) Top

Without any doubt the top command is the number one command line tool to monitor Linux. It is one of the most widely used commands by Linux system administrators all over the world. It quickly provides details about all running processes in an ordered list. The list also keeps updating in real time. Not only the process names, it also displays the memory usage and CPU usage etc.

top-command-line-tool-monitor-linux

Also Read: 25 Top Command Examples to Monitor Linux Server Performance

2 ) vmstat

vmstst is the command line utility that occupies the 2nd position in our list. Its main task is used to display virtual memory statistics. It also helps you to display various information including all system processes, CPU activity, paging, block IO, kernel threads and disks etc. vmstat is the part of default installation in almost all the Linux distribution, so it is available straight way after the installation.

vmstat-command-output-linux

3) lsof

If you want to look at all the files currently opened in the system, then you need to make use of the lsof command. It is also used to monitor all processes currently in use. One of the major advantages of this command is that it helps administrators to see the files currently in use when a disk cannot be unmounted. Using this command, these files can be identified easily. lsof command is not available after the default Linux OS installation, so first we have to install it using following command:

For CentOS / RHEL

$ sudo yum install -y lsof              // CentOS 7 / RHEL 7 or before
$ sudo dnf install -y lsof              // CentOS 8 / RHEL 8

For Ubuntu / Debian

$ apt-get install -y lsof
Or
$ apt-get install -y lsof

To use lsof commmand, type lsof and hit enter

lsof-command-output-linux

Also Read : 18 Quick ‘lsof’ command examples for Linux Geeks

4) tcpdump

Tcpdump is another command line utility that allows Linux system administrators and network engineers to monitor all TCP/IP packets transferred over a network. Using tcpdump, one can also save all the packets in a separate file for analysis in the future.

Tcpdump is not part of default OS installation, so before start using it first install via following commands:

$ sudo yum install tcpdump -y    // CentOS 7 / RHEL 7 or before
$ sudo dnf install tcpdump -y    //CentOS 8 / RHEL 8
$ sudo apt install tcpdump -y    // Ubuntu / Debian

To Start capturing the packets on specific interface, run the following command,

# tcpdump -i enp0s3

tcpdump-command-line-tool-linux

Also Read: How to capture and analyze packets with tcpdump command on Linux

5) netstat

Netstat is one of the oldest command line utility used for network troubleshooting. Using netstat we can easily find network …

0
Read More

How to Add Remote Linux Host to Cacti for Monitoring

In the previous guide, we demonstrated how you can install Cacti monitoring server on CentOS 8. This tutorial goes a step further and shows you how you can add and monitor remote Linux hosts on Cacti. We are going to add remote Ubuntu 20.04 LTS and CentOS 8 systems to the cacti server for monitoring.

Let’s begin.

Step 1)  Install SNMP service on Linux hosts

SNMP, short for Simple Network Management Protocol is a protocol used for gathering information about devices in a network. Using SNMP, you can poll metrics such as CPU utilization, memory usage, disk utilization, network bandwidth etc. This information will, later on, be graphed in Cacti to provide an intuitive overview of the remote hosts’ performance.

With that in mind, we are going to install and enable SNMP service on both Linux hosts:

On Ubuntu 20.04

To install snmp agent, run the command:

$ sudo apt install snmp snmpd -y

On CentOS 8

$ sudo dnf install net-snmp net-snmp-utils -y

SNMP starts automatically upon installation. To confirm this, confirm the status by running:

$ sudo systemctl status snmpd

If the service is not running yet, start and enable it on boot as shown:

$ sudo systemctl start snmpd

We can clearly see that the service is up and running. By default, SNMP runs listens on UDP port 161, You can verify this using the netstat command as shown.

$ sudo netstat -pnltu | grep snmpd

netstat-snmp-linux

Step 2) Configuring SNMP service

So far, we have succeeded in installing snmp service and confirmed that it is running as expected. The next course of action is to configure the snmp service so that data can be collected and shipped to the Cacti service.

The configuration file is located at /etc/snmp/snmpd.conf

For Ubuntu 20.04

We need to configure a few parameters. First, locate the sysLocation and sysContact directives. These define your Linux client’s Physical location.

Default-syslocation-syscontact-snmpd-linux

Therefore, feel free to provide your client’s location.

Syslocation-Syscontact-snmpd-ubuntu-20-04

Next, locate the agentaddress directive. This refers to the IP address and the port number that the agent will listen to.

Default-agent-address-snmpd-ubuntu-20-04

Adjust the directive as shown below where 192.168.2.106 is my client system’s address.

agentaddress  udp:192.168.2.106:161

AgentAddress-cacti-server-Ubuntu-20-04

The directive will now allow the system’s local IP to listen to any snmp requests. Next up, add the view directive below above the other view directives:

view     all      included     .1      80

View-Directive-snmpd-Ubuntu-20-04

Next, change the rocommunity attribute shown below

rocommunity  public default -V systemonly
to:
rocommunity  public default -V all

rocommunity-snmpd-linux

Finally, to ensure the snmp service is working as expected, run the command below on the Linux host.

$ sudo snmpwalk -v 1 -c public -O e 192.168.2.106

You should get some massive output as shown.

snmpwalk-command-cacti-ubuntu-20-04

For CentOS 8

In CentOS 8, the configuration is slightly different. First, locate the line that begins with the com2sec  directive as shown:

default-com2sec-directive-snmpd-centos8

We will specify a new security name known as AllUser and delete the notConfigUser as shown:

Update-com2sec-directive-snmpd-centos8

Next, locate the line that starts with the group directive as shown.

Default-Group-directive-snmpd-centos8

We will modify the second attribute and specify AllGroup as the group name and AllUser as the security name as previously defined.Change-group-directive-snmpd-centos8

In the view section, add this line

view    AllView         included        .1

View-Directive-snmpd-centos8

Finally, locate the line beginning with the access directive.

Default-access-directive-snmpd-centos8

Modify …

0
Read More

How to Add Remote Linux Host to Cacti for Monitoring

In the previous guide, we demonstrated how you can install Cacti monitoring server on CentOS 8. This tutorial goes a step further and shows you how you can add and monitor remote Linux hosts on Cacti. We are going to add remote Ubuntu 20.04 LTS and CentOS 8 systems to the cacti server for monitoring.

Let’s begin.

Step 1)  Install SNMP service on Linux hosts

SNMP, short for Simple Network Management Protocol is a protocol used for gathering information about devices in a network. Using SNMP, you can poll metrics such as CPU utilization, memory usage, disk utilization, network bandwidth etc. This information will, later on, be graphed in Cacti to provide an intuitive overview of the remote hosts’ performance.

With that in mind, we are going to install and enable SNMP service on both Linux hosts:

On Ubuntu 20.04

To install snmp agent, run the command:

$ sudo apt install snmp snmpd -y

On CentOS 8

$ sudo dnf install net-snmp net-snmp-utils -y

SNMP starts automatically upon installation. To confirm this, confirm the status by running:

$ sudo systemctl status snmpd

If the service is not running yet, start and enable it on boot as shown:

$ sudo systemctl start snmpd

We can clearly see that the service is up and running. By default, SNMP runs listens on UDP port 161, You can verify this using the netstat command as shown.

$ sudo netstat -pnltu | grep snmpd

netstat-snmp-linux

Step 2) Configuring SNMP service

So far, we have succeeded in installing snmp service and confirmed that it is running as expected. The next course of action is to configure the snmp service so that data can be collected and shipped to the Cacti service.

The configuration file is located at /etc/snmp/snmpd.conf

For Ubuntu 20.04

We need to configure a few parameters. First, locate the sysLocation and sysContact directives. These define your Linux client’s Physical location.

Default-syslocation-syscontact-snmpd-linux

Therefore, feel free to provide your client’s location.

Syslocation-Syscontact-snmpd-ubuntu-20-04

Next, locate the agentaddress directive. This refers to the IP address and the port number that the agent will listen to.

Default-agent-address-snmpd-ubuntu-20-04

Adjust the directive as shown below where 192.168.2.106 is my client system’s address.

agentaddress  udp:192.168.2.106:161

AgentAddress-cacti-server-Ubuntu-20-04

The directive will now allow the system’s local IP to listen to any snmp requests. Next up, add the view directive below above the other view directives:

view     all      included     .1      80

View-Directive-snmpd-Ubuntu-20-04

Next, change the rocommunity attribute shown below

rocommunity  public default -V systemonly
to:
rocommunity  public default -V all

rocommunity-snmpd-linux

Finally, to ensure the snmp service is working as expected, run the command below on the Linux host.

$ sudo snmpwalk -v 1 -c public -O e 192.168.2.106

You should get some massive output as shown.

snmpwalk-command-cacti-ubuntu-20-04

For CentOS 8

In CentOS 8, the configuration is slightly different. First, locate the line that begins with the com2sec  directive as shown:

default-com2sec-directive-snmpd-centos8

We will specify a new security name known as AllUser and delete the notConfigUser as shown:

Update-com2sec-directive-snmpd-centos8

Next, locate the line that starts with the group directive as shown.

Default-Group-directive-snmpd-centos8

We will modify the second attribute and specify AllGroup as the group name and AllUser as the security name as previously defined.Change-group-directive-snmpd-centos8

In the view section, add this line

view    AllView         included        .1

View-Directive-snmpd-centos8

Finally, locate the line beginning with the access directive.

Default-access-directive-snmpd-centos8

Modify …

0
Read More

How to Install Zimbra Mail Server on CentOS 8 / RHEL 8

Mail server is one of the important server for any organization as all the communication are done via emails. There are number free and enterprise mail servers available in the IT world. Zimbra is one of the high rated mail server that comes in open source and enterprise edition. In this article, we touch base on how to install and configure single node open-source Zimbra mail server on CentOS 8 / RHEL 8 system.

Zimbra is also known as Zimbra Collaboration Suite (ZCS) because it consists numbers of components like MTA (postfix), Database (MariaDB), LDAP and MailboxdUI etc. Below is the architecture of Zimbra

Zimbra-Architecure-Overview

Minimum System Requirements for Open Source Zimbra Mail Server

  • Minimal CentOS 8/ RHEL 8
  • 8 GB RAM
  • 64-bit Intel / AMD CPU (1.5 GHz)
  • Separate Partition as /opt with at least 5 GB free space
  • Fully Qualified Domain Name (FQDN), like ‘zimbra.linuxtechi.com’
  • Stable Internet Connection with Fixed Internal / Public IP

Following are my Zimbra Lab Setup details:

  • Hostname: zimbra.linuxtechi.com
  • Domain: linuxtechi.com
  • IP address: 192.168.1.60
  • DNS Server: 192.168.1.51
  • SELinux : Enabled
  • Firewall : Enabled

Before jumping into the installation steps of Zimbra, let’s verify DNS records (A & MX) for our Zimbra Server, Login to your CentOS 8 / RHEL 8 system and use dig command to query dns records

Note: In case dig command is not available then install ‘bind-utils’ package

Run following dig command to query A record of our Zimbra server

[[email protected] ~]# dig -t A zimbra.linuxtechi.com

DNS-A-Record-Zimbra-CentOS8-RHEL8

Run following dig command to query MX record for our domain ‘linuxtechi.com

[[email protected] ~]# dig -t MX linuxtechi.com

Query-MX-Record-Zimbra-dig-command-CentOS8

Above outputs confirm that DNS records are configured correctly for our Zimbra mail server.

Read Also : How to Setup DNS Server (Bind) on CentOS 8 / RHEL8

Note: Before starting Zimbra installation, please make sure no MTA ( or mail server) configured on the system. In case it is installed then first disable its service and remove its package

# systemctl stop postfix
# dnf remove postfix -y

Let’s dive into Zimbra installation steps,

Step 1) Apply Updates, add entry in hosts file and reboot your system

Add the hostname entry in hosts file, run the following echo command,

[[email protected] ~]# echo "192.168.1.60  zimbra.linuxtechi.com" >> /etc/hosts

Run the beneath command to apply all the available updates,

[[email protected] ~]# dnf update -y

Once all the updates have been installed then reboot your system once.

[[email protected] ~]# reboot

Step 2) Download Open source Zimbra Collaboration suite

As we discussed above, Zimbra comes in two editions, so use the following URLs to download

To Download it from the command line, run following commands,

[[email protected] ~]# dnf install wget tar perl net-tools nmap-ncat -y
[[email protected] ~]# wget https://files.zimbra.com/downloads/8.8.15_GA/zcs-8.8.15_GA_3953.RHEL8_64.20200629025823.tgz

Step 3) Start Zimbra Installation via installation script

Once the compressed Zimbra tar file is downloaded in step 2 then extract it in your current working directory using tar command,

[[email protected] ~]# tar zxpvf zcs-8.8.15_GA_3953.RHEL8_64.20200629025823.tgz
[[email protected] ~]# ls -l
total 251560
-rw-------. 1 root root      1352 Aug 30 10:46 anaconda-ks.cfg
drwxrwxr-x. 8 1001 1001      4096 Jun 29 11:39 zcs-8.8.15_GA_3953.RHEL8_64.20200629025823
-rw-r--r--. 1 root root 257588163 Jul  1 07:16 zcs-8.8.15_GA_3953.RHEL8_64.20200629025823.tgz
[[email protected] ~]#

Go to the extracted directory and execute install script to …

0
Read More

How to Install Cacti Monitoring Tool on CentOS 8 / RHEL 8

Cacti is a free and open source front-end network monitoring tool used to monitor and graph time-series metrics of various IT resources in your LAN. It uses the RRDtool to poll services at specified intervals and thereafter represent them on intuitive graphs.

Cacti monitors various metrics such as CPU, memory and bandwidth utilization, disk space, filesystems and running processes to mention a few. You can monitor devices such as servers, routers, switches and even firewalls. Additionally, you can configure alerts such that in case of system downtime, you can receive notifications on email. In this guide, we will walk you through the installation of the Cacti monitoring tool on CentOS 8 / RHEL 8. At the time of penning down this tutorial, the latest Cacti version is version 1.2.14.

Step 1) Install Apache web server

Cacti is a web-based graphing tool, and therefore, we need to install a web server on which the monitoring tool will run on. Here, we are going to install the Apache web server. To do so, execute the command:

$ sudo dnf install httpd -y

Step 2 ) Install PHP and additional PHP extensions

The front-end of the Cacti monitoring tool is purely PHP driven and with that, we need to install PHP and the required PHP modules. Therefore, execute the command:

$ sudo dnf install -y php php-xml php-session php-sockets php-ldap php-gd php-json php-mysqlnd php-gmp php-mbstring php-posix php-snmp php-intl

Step 3) Install MariaDB database server

During installation, Cacti requires its own database to store its files. Additionally, it needs a database for storing all the required data that is needed in populating graphs.

MariaDB is a fork and a drop-in replacement for MySQL. It’s considered more robust and feature-rich and while MySQL would still work, MariaDB comes highly recommended. To install the MariaDB server, run the command:

$ sudo dnf install -y mariadb-server mariadb

Step 4) Install SNMP and RRD tool

Next, we are going to install SNMP and RRDtool which are essential in gathering and processing system metrics.

$ sudo dnf install -y net-snmp net-snmp-utils net-snmp-libs rrdtool

Step 5)  Start and enable services

Having installed all the necessary services required for Cacti to run, we are going to start them as shown:

$ sudo systemctl start httpd
$ sudo systemctl start snmpd
$ sudo systemctl start mariadb

Additionally, ensure to enable them on boot, such that they automatically start upon booting or a reboot.

$ sudo systemctl enable httpd
$ sudo systemctl enable snmpd
$ sudo systemctl enable mariadb

Step 6) Create a database for Cacti

In this step, we are going to create a database and user for cacti and later grant all privileges to the cacti user. Run the following commands:

CREATE DATABASE cactidb;
GRANT ALL ON cactidb.* TO [email protected] IDENTIFIED  BY ‘cactipassword’;
FLUSH PRIVILEGES;
EXIT;

Be sure to note down the database name, user and password as these will be required later on in the installation process.

Create-Cactidb-CentOS8

Next, we need to import the mysql_test_data_timezone.sql to mysql database as shown.

$ mysql -u root -p mysql < /usr/share/mariadb/mysql_test_data_timezone.sql

Then log in to mysql database and grant the cacti user access to the mysql.time_zone_name table.

GRANT SELECT ON mysql.time_zone_name TO [email protected];
FLUSH PRIVILEGES;
EXIT;

Grant-access-cacti-user-centos8

Some database tuning is recommended …

0
Read More