Linuxtechi

How to Configure Rsyslog Server in CentOS 8 / RHEL 8

Rsyslog is a free and opensource logging utility that exists by default on  CentOS 8 and RHEL 8 systems. It provides an easy and effective way of centralizing logs from client nodes to a single central server. The centralization of logs is beneficial in two ways. First,  it simplifies viewing of logs as the Systems administrator can view all the logs of remote servers from a central point without logging into every client system to check the logs. This is greatly beneficial if there are several servers that need to be monitored and secondly, in the event that a remote client suffers a crash, you need not worry about losing the logs because all the logs will be saved on the central rsyslog server. Rsyslog has replaced syslog which only supported UDP protocol. It extends the basic syslog protocol with superior features such as support for both UDP and TCP protocols in transporting logs, augmented filtering abilities, and flexible configuration options. That said, let’s explore how to configure the Rsyslog server in CentOS 8 / RHEL 8 systems.

configure-rsyslog-centos8-rhel8

Prerequisites

We are going to have the following lab setup to test the centralized logging process:

  • Rsyslog server       CentOS 8 Minimal    IP address: 10.128.0.47
  • Client system         RHEL 8 Minimal      IP address: 10.128.0.48

From the setup above, we will demonstrate how you can set up the Rsyslog server and later configure the client system to ship logs to the Rsyslog server for monitoring.

Let’s get started!

Configuring the Rsyslog Server on CentOS 8

By default, Rsyslog comes installed on CentOS 8 / RHEL 8 servers. To verify the status of Rsyslog, log in via SSH and issue the command:

$ systemctl status rsyslog

Sample Output

rsyslog-service-status-centos8

If rsyslog is not present for whatever reason, you can install it using the command:

$ sudo yum install rsyslog

Next, you need to modify a few settings in the Rsyslog configuration file. Open the configuration file.

$ sudo vim /etc/rsyslog.conf

Scroll and uncomment the lines shown below to allow reception of logs via UDP protocol

module(load="imudp") # needs to be done just once
input(type="imudp" port="514")

rsyslog-conf-centos8-rhel8

Similarly, if you prefer to enable TCP rsyslog reception uncomment the lines:

module(load="imtcp") # needs to be done just once
input(type="imtcp" port="514")

rsyslog-conf-tcp-centos8-rhel8

Save and exit the configuration file.

To receive the logs from the client system,  we need to open Rsyslog default port 514 on the firewall. To achieve this, run

# sudo firewall-cmd  --add-port=514/tcp  --zone=public  --permanent

Next, reload the firewall to save the changes

# sudo firewall-cmd --reload

Sample Output

firewall-ports-rsyslog-centos8

Next, restart Rsyslog server

$ sudo systemctl restart rsyslog

To enable Rsyslog on boot, run beneath command

$ sudo systemctl enable rsyslog

To confirm that the Rsyslog server is listening on port 514, use the netstat command as follows:

$ sudo netstat -pnltu

Sample Output

netstat-rsyslog-port-centos8

Perfect! we have successfully configured our Rsyslog server to receive logs from the client system.

To view log messages in real-time run the command:

$ tail -f /var/log/messages

Let’s now configure the client system.

Configuring the client system on RHEL 8

Like the Rsyslog server, log in and check if the rsyslog daemon is running by issuing the command:

$ sudo systemctl status rsyslog

Sample Output

client-rsyslog-service-rhel8

Next, proceed to open the rsyslog configuration file

$ 
0
Read More

How to Enable EPEL Repository on CentOS 8 and RHEL 8 Server

EPEL Stands for Extra Packages for Enterprise Linux, it is a free and opensource additional packages repository available for CentOS and RHEL servers. As the name suggests, EPEL repository provides extra and additional packages which are not available in the default package repositories of CentOS 8 and RHEL 8.

In this article we will demonstrate how to enable and use epel repository on CentOS 8 and RHEL 8 Server.

EPEL-Repo-CentOS8-RHEL8

Prerequisites of EPEL Repository

  • Minimal CentOS 8 and RHEL 8 Server
  • Root or sudo admin privileges
  • Internet Connection

Install and Enable EPEL Repository on RHEL 8.x Server

Login or ssh to your RHEL 8.x server and execute the following dnf command to install EPEL rpm package,

[[email protected] ~]# dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm -y

Output of above command would be something like below,

dnf-install-epel-repo-rehl8

Once epel rpm package is installed successfully then it will automatically enable and configure its yum / dnf repository.  Run following dnf or yum command to verify whether EPEL repository is enabled or not,

[[email protected] ~]# dnf repolist epel
Or
[[email protected] ~]# dnf repolist epel -v

epel-repolist-rhel8

Install and Enable EPEL Repository on CentOS 8.x Server

Login or ssh to your CentOS 8 server and execute following dnf or yum command to install ‘epel-release‘ rpm package. In CentOS 8 server, epel rpm package is available in its default package repository.

[[email protected] ~]# dnf install epel-release -y
Or
[[email protected] ~]# yum install epel-release -y

Execute the following commands to verify the status of epel repository on CentOS 8 server,

 [[email protected] ~]# dnf repolist epel
Last metadata expiration check: 0:00:03 ago on Sun 13 Oct 2019 04:18:05 AM BST.
repo id                                    repo name                                                                          status
*epel                                      Extra Packages for Enterprise Linux 8 - x86_64                                     1,977
[[email protected] ~]#
[[email protected] ~]# dnf repolist epel -v
……………………
Repo-id      : epel
Repo-name    : Extra Packages for Enterprise Linux 8 - x86_64
Repo-status  : enabled
Repo-revision: 1570844166
Repo-updated : Sat 12 Oct 2019 02:36:32 AM BST
Repo-pkgs    : 1,977
Repo-size    : 2.1 G
Repo-metalink: https://mirrors.fedoraproject.org/metalink?repo=epel-8&arch=x86_64&infra=stock&content=centos
  Updated    : Sun 13 Oct 2019 04:28:24 AM BST
Repo-baseurl : rsync://repos.del.extreme-ix.org/epel/8/Everything/x86_64/ (34 more)
Repo-expire  : 172,800 second(s) (last: Sun 13 Oct 2019 04:28:24 AM BST)
Repo-filename: /etc/yum.repos.d/epel.repo
Total packages: 1,977
[[email protected] ~]#

Above command’s output confirms that we have successfully enabled epel repo. Let’s perform some basic operations on EPEL repo.

List all available packages from epel repository

If you want to list all the packages from epel repository then run the following dnf command,

[[email protected] ~]#  dnf repository-packages epel list
……………
Last metadata expiration check: 0:38:18 ago on Sun 13 Oct 2019 04:28:24 AM BST.
Installed Packages
epel-release.noarch                                           8-6.el8                                             @epel
Available Packages
BackupPC.x86_64                                               4.3.1-2.el8                                         epel
BackupPC-XS.x86_64                                            0.59-3.el8                                          epel
CGSI-gSOAP.x86_64                                             1.3.11-7.el8                                        epel
CGSI-gSOAP-devel.x86_64                                       1.3.11-7.el8                                        epel
Field3D.x86_64                                                1.7.2-16.el8                                        epel
Field3D-devel.x86_64                                          1.7.2-16.el8                                        epel
GraphicsMagick.x86_64                                         1.3.33-1.el8                                        epel
GraphicsMagick-c++.x86_64                                     1.3.33-1.el8                                        epel
…………………………
zabbix40-web-mysql.noarch                                     4.0.12-1.el8                                        epel
zabbix40-web-pgsql.noarch                                     4.0.12-1.el8                                        epel
zerofree.x86_64                                               1.1.1-3.el8                                         epel
zimg.x86_64                                                   2.8-4.el8                                           epel
zimg-devel.x86_64                                             2.8-4.el8                                           epel
zstd.x86_64                                                   1.4.2-1.el8                                         epel
zvbi.x86_64                                                   0.2.35-9.el8                                        epel
zvbi-devel.x86_64                                             0.2.35-9.el8                                        epel
zvbi-fonts.noarch                                             0.2.35-9.el8                                        epel
[[email protected] ~]#

Search Package from EPEL Repo

Let’s assume if we want to search Zabbix package in epel repository, execute the following dnf command,

[[email protected] ~]# dnf repository-packages epel list | grep -i zabbix

Output of above command would be something like below,

epel-repo-search-package-centos8

Install a package from epel repo

Let’s assume we want to install …

0
Read More

How to Install and Configure VNC Server on Centos 8 / RHEL 8

A VNC (Virtual Network Computing) Server is a GUI based desktop sharing platform that allows you to access remote desktop machines. In Centos 8 and RHEL 8 systems, VNC servers are not installed by default and need to be installed manually. In this article, we’ll look at how to install VNC Server on CentOS 8 / RHEL 8 systems with a simple step-by-step installation guide.

Prerequisites to Install VNC Server on Centos 8 / RHEL 8

To install VNC Server in your system, make sure you have the following requirements readily available on your system:

  • CentOS 8 / RHEL 8
  • GNOME Desktop Environment
  • Root access
  • DNF / YUM Package repositories

Step by Step Guide to Install VNC Server on Centos 8 / RHEL 8

Step 1)  Install GNOME Desktop environment

Before installing VNC Server in your CentOS 8 / RHEL 8, make sure you have a desktop Environment (DE) installed. In case GNOME desktop is already installed or you have installed your server with gui option then you can skip this step.

In CentOS 8 / RHEL 8, GNOME is the default desktop environment. if you don’t have it in your system, install it using the following command:

[[email protected] ~]# dnf groupinstall "workstation"
Or
[[email protected] ~]# dnf groupinstall "Server with GUI

Once the above packages are installed successfully then run the following command to enable the graphical mode

[[email protected] ~]# systemctl set-default graphical

Now reboot the system so that we get GNOME login screen.

[[email protected] ~]# reboot

Once the system is rebooted successfully uncomment the line “WaylandEnable=false” from the file “/etc/gdm/custom.conf” so that remote desktop session request via vnc is handled by xorg of GNOME desktop in place of wayland display manager.

Note: Wayland is the default display manager (GDM) in GNOME and it not is configured to handled remote rendering API like X.org

Step 2) Install VNC Server (tigervnc-server)

Next we’ll install the VNC Server, there are lot of VNC Servers available, and for installation purposes, we’ll be installing TigerVNC Server. It is one of the most popular VNC Server and a high-performance and platform-independent VNC that allows users to interact with remote machines easily.

Now install TigerVNC Server using the following command:

[[email protected] ~]# dnf install tigervnc-server tigervnc-server-module -y

Step 3) Set VNC Password for Local User

Let’s assume we want ‘pkumar’ user to use VNC for remote desktop session, then switch to the user and set its password using vncpasswd command,

[[email protected] ~]# su - pkumar
[[email protected] ~]$ vncpasswd
Password:
Verify:
Would you like to enter a view-only password (y/n)? n
A view-only password is not used
[[email protected] ~]$
[[email protected] ~]$ exit
logout
[[email protected] ~]#

Step 4) Setup VNC Server Configuration File

Next step is to configure VNC Server Configuration file. Create a file “/etc/systemd/system/[email protected]” with the following content so that tigervnc-server’s service started for above local user “pkumar”.

[[email protected] ~]# vim /etc/systemd/system/[email protected]
[Unit]
Description=Remote Desktop VNC Service
After=syslog.target network.target

[Service]
Type=forking
WorkingDirectory=/home/pkumar
User=pkumar
Group=pkumar

ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
ExecStart=/usr/bin/vncserver -autokill %i
ExecStop=/usr/bin/vncserver -kill %i

[Install]
WantedBy=multi-user.target

Save and exit the file,

Note: Replace the user name in above file which suits to your setup.

By default, VNC server listen on tcp port 5900+n, …

0
Read More

How to Install and Use Cockpit on CentOS 8 / RHEL 8

Cockpit is a Web based server management tool available for CentOS and RHEL systems, recently CentOS 8 and RHEL 8 are released where cockpit is kept as default server management tool. Its package is available in the default CentOS 8 and RHEL 8 package repositories. Cockpit is a useful Web based GUI tool through which sysadmins can monitor and manage their Linux servers, it can also used to manage networking and storage on servers, containers, virtual machines and inspections of system and application’s logs.

In this article we will demonstrate how to install and setup Cockpit on CentOS 8 and RHEL 8 system.

Installation and setup of Cockpit on CentOS 8 / RHEL 8 System

Login to your CentOS8 / RHEL 8 system and open the terminal and execute the following dnf command,

[[email protected] ~]# dnf install cockpit -y

Run the following command to enable and start cockpit service,

[[email protected] ~]# systemctl start cockpit.socket
[[email protected] ~]# systemctl enable cockpit.socket

Allow Cockpit ports in OS firewall using following command,

[[email protected] ~]# firewall-cmd --permanent --add-service=cockpit
[[email protected] ~]# firewall-cmd --reload

Verify whether cockpit service is up and running or not, execute the following commands,

[[email protected] ~]# systemctl status cockpit.socket
[[email protected] ~]# ss -tunlp | grep cockpit
[[email protected] ~]# ps auxf|grep cockpit

cockpit-status-centos8-rhel8

Access Cockpit on CentOS 8 / RHEL 8 system

As we can see in above command’s output that cockpit is listening on tcp port 9090, open your system web browser and type url :

https://<Your-CentOS8/RHEL8-System-IP>:9090

CentOS8-cockpit-login-screen

Cockpit Login Screen for RHEL 8,

RHEL8-Cockpit-Login-Screen

Use the user name which has admin rights, or we can also use the root user’s credentials to login. In case you want to assign admin rights to any local user, execute the following command,

[[email protected] ~]# usermod -G wheel pkumar

here pkumar is my local user,

Once you enter the user’s credentials, choose “Reuse my password for privileged tasks” and then click on “Log In” option after that we will get following screen,

cockpit-dashboard-centos8

On the Left-hand side bar, we can see what things can be monitored and configured via cockpit GUI,

Let’s assume if you wish to check whether there are any updates available for your CentOS 8 / RHEL 8 system, click on “System Updates” option,

Software-Updates-Cockpit-GUI-CentOS8-RHEL8

To Install all updates, click on “Install All Updates

Install-Software-Updates-CentOS8-RHEL8

If wish to modify networking and want to add Bond interface and Bridge, then click on “Networking

Networking-Cockpit-Dashboard-CentOS8-RHEL8

As we can in above window, we have the options to create Bond interface, Bridge and VLAN tagged interface.

Let’s assume we want to create a bridge as “br0” and want to add enp0s3 as port to it, click on “Add Bridge” option,

Specify the bridge name as “br0” and port as “enp0s3” and then click on apply

Add-Bridge-Cockpit-CentOS8-RHEL8

In the next screen we will see that our bridge is active and got the same IP as of enp0s3 interface,

Bridge-Details-Cockpit-Dashboard-CentOS8-RHEL8

If you wish to inspect system logs then click on “Logs” options, there we can view logs based on their severity

System-Logs-Cockpit-Dashboard-CentOS8-RHEL8

That’s all from this article, similarly sysadmins can use remaining other options of cockpit to monitor and manage their CentOS 8 and RHEL 8 server. In case these steps help you …

0
Read More

CentOS 8 Installation Guide with Screenshots

After RHEL 8 release, CentOS community has released its most awaited Linux distribution as CentOS 8. It comes into two forms:

  • CentOS stream – It is designed for the developers where they will get the updates quite frequently.
  • CentOS – It is RHEL 8 like stable OS where sysadmin can install and configure the servers and applications.

In this article, we will demonstrate how to install CentOS 8 Server step by step with screenshots.

 New features in CentOS 8 :

  • DNF is the default package manager through yum can also be used.
  • Network configuration will be controlled by Network Manager (nmcli & nmtui) as network scripts are removed.
  • Podman utility to manage containers
  • Introduction of two packages repositories: BaseOS and AppStream
  • Cockpit available as default server management tool
  • Wayland is the default display server
  • Iptables are replaced by nftables
  • Linux Kernel 4.18
  • PHP 7.2, Python 3.6, Ansible 2.8, VIM 8.0 and Squid 4

Minimum System Requirements CentOS 8:

  • 2 GB RAM
  • 2 GHz or Higher Processor
  • 20 GB Hard Disk
  • 64-bit x86 System

CentOS 8 Installation Steps with Screenshots

Step:1) Download CentOS 8 ISO File

Download CentOS 8 ISO file from its official site,

https://www.centos.org/download/

Step:2) Create CentOS 8 Bootable media (USB / DVD)

Once you have downloaded CentOS 8 iso file, burn it either into USB stick or in DVD to make it bootable.

Reboot the system on which you want to install CentOS 8, change the boot medium either as USB or DVD from bios settings.

Step:3) Choose “Install CentOS 8.0” option

When the system boots up with CentOS 8 bootable media, then we will get the following screen, choose “Install CentOS 8.0” and hit enter,

Choose-Install-CentOS8

Step:4) Select your preferred language

Choose the language that suits to your CentOS 8 installation and then click on Continue,

Select-Language-CentOS8-Installation

Step:5) Preparing CentOS 8 Installation

In this step we will configure the followings:

  • Keyboard Layout
  • Date / Time
  • Installation Source
  • Software Selection
  • Installation Destination
  • Kdump

Installation-Summary-CentOS8

As we can see in above window, installer has automatically pick ‘Keyboard’ layout, ‘Time & Date’, ‘Installation Source’ and ‘Software Selection’.

If you want to change any of these settings, then click on their respective icon, let’s assume we want to change Time & Date of system, so click on ‘Time & Date’ and choose the time zone that suits to your installation and then click on Done

TimeZone-CentOS8-Installation

Choose your preferred option from “Software Selection“, in case you want to install server with GUI then choose “Server with GUI” option and if you want to do minimal installation then choose “Minimal Install“.

Software-Selection-CentOS8-Installation

In this tutorial we will go with “Server with GUI” option, click on Done

Kdump is enabled by default, if wish to disable it then click on icon and disable it but it is strongly recommended one should enable kdump.

If you wish to configure networking during the installation, then click on “Network & Host Name

Networking-During-CentOS8-Installation

In case your system is connected to modem where DHCP is running then it will automatically pick the ip whenever we enable the interface and if  you wish to configure the static ip then click on ‘…

0
Read More

Installation Guide of Manjaro 18.1 (KDE Edition) with Screenshots

Within a year of releasing Manjaro 18.0 (Illyria), the team has come out with their next big release with Manjaro 18.1, codenamed “Juhraya“. The team also have come up with an official announcement saying that Juhraya comes packed with a lot of improvements and bug fixes.

New Features in Manjaro 18.1

Some of the new features and enhancements in Manjaro 18.1 are listed below:

  • Option to choose between LibreOffice or Free Office
  • New Matcha theme for Xfce edition
  • Redesigned messaging system in KDE edition
  • Support for Snap and FlatPak packages using “bhau” tool

Minimum System Requirements for Manjaro 18.1

  • 1 GB RAM
  • One GHz Processor
  • Around 30 GB Hard disk space
  • Internet Connection
  • Bootable Media (USB/DVD)

Step by Step Guide to Install Manjaro 18.1 (KDE Edition)

To start installing Manjaro 18.1 (KDE Edition) in your system, please follow the steps outline below:

Step 1) Download Manjaro 18.1 ISO

Before installing, you need to download the latest copy of Manjaro 18.1 from its official download page located here. Since we are seeing about the KDE version, we chose to install the KDE version. But the installation process is the same for all desktop environments including Xfce, KDE and Gnome editions.

Step 2) Create a USB Bootable Disk

Once you have successfully downloaded the ISO file from Manjaro downloads page, it is time to create an USB disk. Copy the downloaded ISO file in a USB disk and create a bootable disk. Make sure to change your boot settings to boot using a USB and restart your system

Step 3) Manjaro Live Installation Environment

When the system restarts, it will automatically detect the USB drive and starts booting into the Manjaro Live Installation Screen.

Boot-Manjaro-18-1-kde-installation

Next use the arrow keys to choose “Boot: Manjaro x86_64 kde” and hit enter to launch the Manjaro Installer.

Step 4) Choose Launch Installer

Next the Manjaro installer will be launched and If you are connected to the internet, Manjaro will automatically detect your location and time zone. Click “Launch Installer” start installing Manjaro 18.1 KDE edition in your system.

Choose-Launch-Installaer-Manjaro18-1-kde

Step 5) Choose Your Language

Next the installer will take you to choose your preferred language.

Choose-Language-Manjaro18-1-Kde-Installation

Select your desired language and click “Next”

Step 6) Choose Your time zone and region

In the next screen, select your desired time zone and region and click “Next” to continue

Select-Location-During-Manjaro18-1-KDE-Installation

Step 7) Choose Keyboard layout

In the next screen, select your preferred keyboard layout and click “Next” to continue.

Select-Keyboard-Layout-Manjaro18-1-kde-installation

Step 8) Choose Partition Type

This is a very critical step in the installation process. It will allow you to choose between:

  • Erase Disk
  • Manual Partitioning
  • Install Alongside
  • Replace a Partition

If you are installing Manjaro 18.1 in a VM (Virtual Machine), then you won’t be able to see the last 2 options.

If you are new to Manjaro Linux then I would suggest you should go with first option (Erase Disk), it will automatically create required partitions for you. If you want to create custom partitions then choose the second option “Manual Partitioning“, as its name suggests it will allow us to create our own custom partitions.

In this tutorial I will be creating custom partitions by …

0
Read More

How to Configure SFTP Server with Chroot in Debian 10

SFTP stands for Secure File Transfer Protocol, it is one of the most common method which is used to transfer files securely over ssh from our local system to remote server and vice-versa. The main advantage of sftp is that we don’t need to install any additional package except ‘openssh-server’, in most of the Linux distributions ‘openssh-server’ package is the part of default installation. Other benefit of sftp is that we can allow user to use sftp only not ssh.

Configure-sftp-debian10

Recently Debian 10, Code name ‘Buster’ has been released, in this article we will demonstrate how to configure sftp with Chroot ‘Jail’ like environment in Debian 10 System. Here Chroot Jail like environment means that User’s can go beyond from their respective home directories or users cannot change directories from their home directories.  Following are the lab details:

  • OS = Debian 10
  • IP Address = 192.168.56.151

Let’s jump into SFTP Configuration Steps,

Step:1) Create a Group for sftp using groupadd command

Open the terminal, create a group with a name “sftp_users” using below groupadd command,

[email protected]:~# groupadd sftp_users

Step:2) Add Users to Group ‘sftp_users’ and set permissions

In case you want to create new user and want to add that user to ‘sftp_users’ group, then run the following command,

Syntax: #  useradd -m -G sftp_users <user_name>

Let’s suppose user name is ’Jonathan’

[email protected]:~# useradd -m -G sftp_users jonathan

set the password using following chpasswd command,

[email protected]:~# echo "jonathan:<enter_password>" | chpasswd

In case you want to add existing users to ‘sftp_users’ group then run beneath usermod command, let’s suppose already existing user name is ‘chris’

[email protected]:~# usermod -G sftp_users chris

Now set the required permissions on Users,

[email protected]:~# chown root /home/jonathan /home/chris/

Create an upload folder in both the user’s home directory and set the correct ownership,

[email protected]:~# mkdir /home/jonathan/upload
[email protected]:~# mkdir /home/chris/upload
[email protected]:~# chown jonathan /home/jonathan/upload
[email protected]:~# chown chris /home/chris/upload

Note: In upload folder, user like Jonathan and Chris can upload files and directories from their local system .

Step:3) Edit sftp configuration file (/etc/ssh/sshd_config)

As we have already stated that sftp operations are done over the ssh, so it’s configuration file is “/etc/ssh/sshd_config“, Before making any changes I would suggest first take the backup and then edit this file and add the following content,

[email protected]:~# cp /etc/ssh/sshd_config /etc/ssh/sshd_config-org
[email protected]:~# vim /etc/ssh/sshd_config
………
#Subsystem      sftp    /usr/lib/openssh/sftp-server
Subsystem       sftp    internal-sftp

Match Group sftp_users
  X11Forwarding no
  AllowTcpForwarding no
  ChrootDirectory %h
  ForceCommand internal-sftp
…………

Save & exit the file.

To make above changes into the affect, restart ssh service using following systemctl command

[email protected]:~# systemctl restart sshd

In above ‘sshd_config’ file we have commented out the line which starts with “Subsystem” and added new entry “Subsystem       sftp    internal-sftp” and new lines like,

Match Group sftp_users”  –> It means if a user is a part of ‘sftp_users’ group then apply rules which are mentioned below to this entry.

ChrootDierctory %h” –> It means users can only change directories within their respective home directories, they cannot go beyond their home directories, or in other words we can users are not permitted to change directories, they will get jai like environment within their directories and can’t access any other user’s and system’s directories.

ForceCommand internal-sftp” …

0
Read More

How to Collect System and Application Metrics using Metricbeat

Metricbeat is a lightweight shipper (or agent) which is used to collect system’s metrics and application metrics and send them to Elastic Stack Server (i.e Elasticsearch). Here system’s metrics refers to CPU, Memory, Disk and Network Stats (IOPS) and application metrics means monitoring and collecting metrics of applications like Apache, NGINX, Docker, Kubernetes and Redis etc. For metricbeat to work first we must make sure that we have a healthy elastic stack setup up and running.  Please refer the below url to setup elastic stack:

How to Setup Multi Node Elastic Stack Cluster on RHEL 8 / CentOS 8

In this article we will demonstrate how install metricbeat on linux servers and then how metricbeat sends data to Elastic Stack Server (i.e Elasticsearch) and then we will verify from kiabana GUI whether metrics data is visible or not.

Install Metricbeat on CentOS / RHEL Servers

On CentOS / RHEL Servers, metricbeat is installed using the following rpm command,

[[email protected] ~]# rpm -ivh https://artifacts.elastic.co/downloads/beats/metricbeat/metricbeat-7.3.1-x86_64.rpm

For Debian based systems, use below command to install metricbeat.

~]# curl -L -O https://artifacts.elastic.co/downloads/beats/metricbeat/metricbeat-7.3.1-amd64.deb
~]# dpkg -i metricbeat-7.3.1-amd64.deb

Add the following lines in /etc/hosts file, as we will be using FQDN of Elasticsearch and Kibana in metricbeat config file and command,

Note: Change the IPs and Hostname as per  your setup

192.168.56.40             elasticsearch1.linuxtechi.local
192.168.56.50             elasticsearch2.linuxtechi.local
192.168.56.60             elasticsearch3.linuxtechi.local
192.168.56.10             kibana.linuxtechi.local

Configure Metricbeat on Linux Server (CentOS / RHEL / Debian)

Whenever metricbeat rpm & deb package is installed then its configuration file (metricbeat.yml) is created under “/etc/metricbeat/“. Let’s edit this configuration file and inform system to send system and application metrics data to Elasticsearch servers.

[[email protected] ~]# vi /etc/metricbeat/metricbeat.yml

setup.kibana:
   host: "kibana.linuxtechi.local:5601"
output.elasticsearch:
    hosts: ["elasticsearch1.linuxtechi.local:9200","elasticsearch2.linuxtechi.local:9200","elasticsearch3.linuxtechi.local:9200"]

Save and exit the file

Note: Replace Elasticsearch and Kibana details that suits to your environment.

Run following metricbeat command so that metric dashboard become available in Kibana GUI.

[[email protected] ~]# metricbeat setup -e -E output.elasticsearch.hosts=['elasticsearch1.linuxtechi.local:9200','elasticsearch2.linuxtechi.local:9200','elasticsearch3.linuxtechi.local:9200'] -E setup.kibana.host=kibana.linuxtechi.local:5601

Output of above command would be something like below:

metricbeat-command-output-linuxserver

Above output confirms that metrics dashboard is loaded successfully in Kibana GUI. Now via metricbeat it will send the metrics data to Elastic Stack server every 10 seconds.

Let’s start and enable metricbeat service using following commands,

[[email protected] ~]# systemctl start metricbeat
[[email protected] ~]# systemctl enable metricbeat

Now go to Kibana GUI and click on Dashboard from left side bar,

Kibana-GUI-Dashbaord-Option

In the next window we will see available metrics dashboards, search ‘system’ and then choose System Metrics Dashboard,

Choose-Metric-Dashbaord-Kibana

Metricbeat-System-Overview-ECS-Kibana

As we can see System’s metrics data is available on the dashboard, these metrics are collected based on entries mentioned in the file “/etc/metricbeat/modules.d/system.yml

Let’s suppose we want to collect application’s metrics data as well then we have to first enable their respective modules, to enable Apache and MySQL metric module ,run the following command from client machine,

[[email protected] ~]# metricbeat modules enable apache mysql
Enabled apache
Enabled mysql
[[email protected] ~]#

Once we enable the modules, we can edit their yml file,

[[email protected] ~]# vi /etc/metricbeat/modules.d/apache.yml
…
- module: apache
  period: 10s
  hosts: ["http://192.168.56.70"]
…

Change IP in host parameter that suits to your environment.

Similarly edit mysql yml file, Change mysql root credentials that suits to your environment

[[email protected] ~]# vi /etc/metricbeat/modules.d/mysql.yml
………
- 
0
Read More

How to Setup Multi Node Elastic Stack Cluster on RHEL 8 / CentOS 8

Elastic stack widely known as ELK stack, it is a group of opensource products like Elasticsearch, Logstash and Kibana. Elastic Stack is developed and maintained by Elastic company. Using elastic stack, one can feed system’s logs to Logstash, it is a data collection engine which accept the logs or data from all the sources and normalize logs and then it forwards the logs to Elasticsearch for analyzing, indexing, searching and storing and finally using Kibana one can represent the visualize data, using Kibana we can also create interactive graphs and diagram based on user’s queries.

Elastic-Stack-Cluster-RHEL8-CentOS8

In this article we will demonstrate how to setup multi node elastic stack cluster on RHEL 8 / CentOS 8 servers. Following are details for my Elastic Stack Cluster:

Elasticsearch:
  • Three Servers with Minimal RHEL 8 / CentOS 8
  • IPs & Hostname – 192.168.56.40 (elasticsearch1.linuxtechi. local), 192.168.56.50 (elasticsearch2.linuxtechi. local), 192.168.56.60 (elasticsearch3.linuxtechi. local)
Logstash:
  • Two Servers with minimal RHEL 8 / CentOS 8
  • IPs & Hostname – 192.168.56.20 (logstash1.linuxtechi. local) , 192.168.56.30 (logstash2.linuxtechi. local)
Kibana:
  • One Server with minimal RHEL 8 / CentOS 8
  • Hostname – kibana.linuxtechi.local
  • IP – 192.168.56.10
Filebeat:
  • One Server with minimal CentOS 7
  • IP & hostname – 192.168.56.70 (web-server)

Let’s start with Elasticsearch cluster setup,

Setup 3 node Elasticsearch cluster

As I have already stated that I have kept nodes for Elasticsearch cluster, login to each node, set the hostname and configure yum/dnf repositories.

Use the below hostnamectl command to set the hostname on respective nodes,

[[email protected] ~]# hostnamectl set-hostname "elasticsearch1.linuxtechi. local"
[[email protected] ~]# exec bash
[[email protected] ~]#
[[email protected] ~]# hostnamectl set-hostname "elasticsearch2.linuxtechi. local"
[[email protected] ~]# exec bash
[[email protected] ~]#
[[email protected] ~]# hostnamectl set-hostname "elasticsearch3.linuxtechi. local"
[[email protected] ~]# exec bash
[[email protected] ~]#

For CentOS 8 System we don’t need to configure any OS package repository and for RHEL 8 Server, if you have valid subscription and then subscribed it with Red Hat for getting package repository.  In Case you want to configure local yum/dnf repository for OS packages then refer the below url:

How to Setup Local Yum/DNF Repository on RHEL 8 Server Using DVD or ISO File

Configure Elasticsearch package repository on all the nodes, create a file elastic.repo  file under /etc/yum.repos.d/ folder with the following content

~]# vi /etc/yum.repos.d/elastic.repo
[elasticsearch-7.x]
name=Elasticsearch repository for 7.x packages
baseurl=https://artifacts.elastic.co/packages/7.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md

save & exit the file

Use below rpm command on all three nodes to import Elastic’s public signing key

~]# rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch

Add the following lines in /etc/hosts file on all three nodes,

192.168.56.40             elasticsearch1.linuxtechi.local
192.168.56.50             elasticsearch2.linuxtechi.local
192.168.56.60             elasticsearch3.linuxtechi.local

Install Java on all three Nodes using yum / dnf command,

[[email protected] ~]# dnf install java-openjdk -y
[[email protected] ~]# dnf install java-openjdk -y
[[email protected] ~]# dnf install java-openjdk -y

Install Elasticsearch using beneath dnf command on all three nodes,

[[email protected] ~]# dnf install elasticsearch -y
[[email protected] ~]# dnf install elasticsearch -y
[[email protected] ~]# dnf install elasticsearch -y

Note: In case OS firewall is enabled and running in each Elasticsearch node then allow following ports using beneath firewall-cmd command,

~]# firewall-cmd --permanent --add-port=9300/tcp
~]# firewall-cmd --permanent --add-port=9200/tcp
~]# firewall-cmd --reload

Configure Elasticsearch, edit the file “/etc/elasticsearch/elasticsearch.yml” on all the three nodes and add the followings,

~]# vim /etc/elasticsearch/elasticsearch.yml
…………………………………………
cluster.name: opn-cluster
node.name: elasticsearch1.linuxtechi.local
0
Read More

Different Ways to Configure Static IP Address in RHEL 8

While Working on Linux Servers, assigning Static IP address on NIC / Ethernet cards is one of the common tasks that every Linux engineers do. If one configures the Static IP address correctly on a Linux server then he/she can access it remotely over network. In this article we will demonstrate what are different ways to assign Static IP address on RHEL 8 Server’s NIC.

Configure-Static-IP-RHEL8

Following are the ways to configure Static IP on a NIC,

  • nmcli (command line tool)
  • Network Scripts files(ifcfg-*)
  • nmtui  (text based user interface)

Configure Static IP Address using nmcli command line tool

Whenever we install RHEL 8 server then ‘nmcli’, a command line tool is installed automatically, nmcli is used by network manager and allows us to configure static ip address on Ethernet cards.

Run the below ip addr command to list ethernet cards,

[[email protected] ~]# ip addr

ip-addr-command-rhel8

As we can see in above command output, we have two NICs enp0s3 & enp0s8. Currently ip address assigned to the NIC is via dhcp server.

Let’s assume we want to assign the static IP address on first NIC (enp0s3) with the following details,

  • IP address = 192.168.1.4
  • Netmask = 255.255.255.0
  • Gateway= 192.168.1.1
  • DNS = 8.8.8.8

Run the following nmcli commands one after the another to configure static ip,

List currently active Ethernet cards using “nmcli connection” command,

[[email protected] ~]# nmcli connection
NAME    UUID                                  TYPE      DEVICE
enp0s3  7c1b8444-cb65-440d-9bf6-ea0ad5e60bae  ethernet  enp0s3
virbr0  3020c41f-6b21-4d80-a1a6-7c1bd5867e6c  bridge    virbr0
[[email protected] ~]#

Use beneath nmcli command to assign static ip on enp0s3,

Syntax:

# nmcli connection modify <interface_name> ipv4.address  <ip/prefix>

Note: In short form, we usually replace connection with ‘con’ keyword and modify with ‘mod’ keyword nmcli command.

[[email protected] ~]# nmcli con mod enp0s3 ipv4.addresses 192.168.1.4/24
[[email protected] ~]#

Set the gateway using below nmcli command,

[[email protected] ~]# nmcli con mod enp0s3 ipv4.gateway 192.168.1.1
[[email protected] ~]#

Set the manual configuration ( from dhcp to static)

[[email protected] ~]# nmcli con mod enp0s3 ipv4.method manual
[[email protected] ~]#

Set DNS value as “8.8.8.8” using following nmcli command,

[[email protected] ~]# nmcli con mod enp0s3 ipv4.dns "8.8.8.8"
[[email protected] ~]#

Save the above changes and reload the interface,

[[email protected] ~]# nmcli con up enp0s3
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/4)
[[email protected] ~]#

Above command output confirms that interface enp0s3 has been configured successfully.Whatever the changes we have made using above nmcli commands, those changes is saved permanently under the file “etc/sysconfig/network-scripts/ifcfg-enp0s3”

[[email protected] ~]# cat /etc/sysconfig/network-scripts/ifcfg-enp0s3

ifcfg-enp0s3-file-rhel8

Configure Static IP Address manually using network-scripts (ifcfg-) files

We can configure the static ip address to an ethernet card using its network-script or ‘ifcfg-‘ files. Let’s assume we want to assign the static ip address on our second ethernet card ‘enp0s8’.

  • IP= 192.168.1.91
  • Netmask / Prefix = 24
  • Gateway=192.168.1.1
  • DNS1=4.2.2.2

Go to the directory “/etc/sysconfig/network-scripts”  and look for the file ‘ifcfg- enp0s8’, if it does not exist then create it with following content,

[[email protected] ~]# cd /etc/sysconfig/network-scripts/
[[email protected] network-scripts]# vi ifcfg-enp0s8
TYPE="Ethernet"
DEVICE="enp0s8"
BOOTPROTO="static"
ONBOOT="yes"
NAME="enp0s8"
IPADDR="192.168.1.91"
PREFIX="24"
GATEWAY="192.168.1.1"
DNS1="4.2.2.2"

Save and exit the file and then restart network manager service to make above changes into effect,

[[email protected] network-scripts]# systemctl restart NetworkManager
[[email protected] network-scripts]#

Now use below ip command to verify whether ip address is assigned to nic or not,

[[email protected] ~]# ip add show enp0s8
3: enp0s8: 
0
Read More