fbpx

Category: Linux

Posted on

Apache Reverse Proxy Detail

edit the proxy.conf – vi /etc/httpd/conf.modules.d/00-proxy.conf

Load necessary modules

LoadModule rewrite_module modules/mod_rewrite.so
LoadModule ssl_module modules/mod_ssl.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so

Load lbmethod modules

LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so
LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so
LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so
LoadModule lbmethod_heartbeat_module modules/mod_lbmethod_heartbeat.so

Load additional proxy modules

LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_express_module modules/mod_proxy_express.so
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_hcheck_module modules/mod_proxy_hcheck.so
LoadModule proxy_scgi_module modules/mod_proxy_scgi.so
LoadModule proxy_uwsgi_module modules/mod_proxy_uwsgi.so
~

Edit your sites’ .conf file – vi /etc/httpd/sites-enabled/service.domainname.com.conf

VirtualHost *:443
ServerName service.domainname.com

SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/yourcert.crt
SSLCertificateKeyFile /etc/pki/tls/private/yourprivatekey_privatekey.key
SSLCertificateChainFile /etc/pki/tls/certs/bundle.crt

RewriteEngine on
RewriteCond %{HTTP:Upgrade} =websocket [NC]
RewriteCond %{HTTP:Connection} upgrade [NC]
RewriteRule /(.*) "ws://backendserverIP:portnumber/$1" [P,L]

ProxyPreserveHost On
ProxyPass / http://backendserverIP:portnumber/
ProxyPassReverse / http://backendserverIP:portnumber/

ErrorLog /var/log/httpd/service.domainname.com/error.log
CustomLog /var/log/httpd/service.domainname.com/access.log combined

VirtualHost

Restart HTTPD and test out your new site!

Posted on

Enable SNMP on a Raspberry Pi

sudo apt-get update
sudo apt-get upgrade -y
sudo apt-get install snmpd -y
sudo apt-get install snmp -y
sudo nano /etc/snmp/snmpd.conf
To get it running, you will need to modify the sudo nano /etc/snmp/snmpd.conf file:

First, I commented out this line:

#agentAddress udp:127.0.0.1:161

and below the line ‘#agentAddress udp:161,udp6:[::1]:161′ I added:

agentAddress udp:161

then below this line:

rocommunity public localhost

I added:

rocommunity public 190.0.10.0/24

Finally, restart the service:

service snmpd restart

Posted on

Check-MK Debian Linux Agent Install

First you’ll need to install xinetd which is a requirement for the Check_MK agent:

apt-get install xinetd


Then, latest Check_MK agent installer from your Check_MK website and install:

cd /tmp/
wget http://%yourcheck_mk_server%/download/check-mk-agent_***.deb
dpkg -i check*

Posted on

How to Enable SNMP ESXi 6.5

Open your favorite (Putty) ssh application and connect to your ESX host and then run the following commands:

esxcli system snmp set –communities public
esxcli system snmp set –enable true
esxcli network firewall ruleset set –ruleset-id snmp –allowed-all true
esxcli network firewall ruleset set –ruleset-id snmp –enabled true
/etc/init.d/snmpd restart

The –ruleset should be a dash dash not a bar, same with the –allowed and –enabled; I don’t know why WordPress does that.

Posted on

Adding Disk to Centos LVM

While you can just create a pv out of raw block device I normally try to avoid it as it can cause confusion as to what the block device is being used for. It may also break some of the auto discover routines that LVM can use if it’s missing it’s configuration files.

Here’s an example of using parted to create a GPT with 1 partition that is the whole drive and set the partition flag to be lvm. The mkpart requires that you specify a file system but it doesn’t create the file system. Seems to be a long standing bug in parted. Also the start offset of 1M is to ensure that you get proper alignment.

parted /dev/sdb
mklabel GPT
mkpart primary ext2 1M 100%
set 1 lvm on
quit
pvcreate /dev/sdb1
pvdisplay
vgcreate vg_*name* /dev/sdb1 /dev/sdc1 /dev/sdd1
vgdisplay
lvcreate –extents 100%FREE -n lv_*name* vg_*name*
lvdisplay
mkfs.xfs -f /dev/mapper/vg_*name*-lv_*name*
df -ah

Posted on

Removing Syslogd Installing Rsyslog and Configure to Splunk

yum shell
remove sysklogd
install rsyslog
run
exit

vi /etc/rsyslog.conf
paste in the below:
# ### begin forwarding rule ###
# The statement between the begin … end define a SINGLE forwarding
# rule. They belong together, do NOT split them. If you create multiple
# forwarding rules, duplicate the whole block!
# Remote Logging (we use TCP for reliable delivery)
#
# An on-disk queue is created for this action. If the remote host is
# down, messages are spooled to disk and sent when it is up again.
$WorkDirectory /var/lib/rsyslog # where to place spool files
$ActionQueueFileName fwdRule1 # unique name prefix for spool files
$ActionQueueMaxDiskSpace 1g # 1gb space limit (use as much as possible)
$ActionQueueSaveOnShutdown on # save messages to disk on shutdown
$ActionQueueType LinkedList # run asynchronously
$ActionResumeRetryCount -1 # infinite retries if host is down
# remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional
*.* @@your splunk server:514
# ### end of the forwarding rule ###

chkconfig rsyslog on
service rsyslog restart

Posted on

VMware Weird Latency Dell R815 Broadcomm Nic

So we were having this weird latency issue with our new R815’s and the Broadcomm nics utilizing iSCSI on a segregated lan.

Turns out we needed the BCM-NetXtremeII-5.0-offline_bundle-940344.zip driver imported into update manager, a reboot later, we were all happy!

Posted on

Cron Jobs on VMware Hosts

This explains how to add a cron job to VMware in such a way that it will still be there after reboots.

Having enabled ssh access to your ESX/ESXi server, ssh in as root.

First, add the cron job to the root crontab:

1. Edit /var/spool/cron/crontabs/root
2. Add the line (all on one line)
5 0 * * * /full/path/to/script arguments/with/full/path > /full/path/to/logfile 2>&1
3. When you quit, use Esc, :wq! to override the read only attribute.

For details of the meaning of “5 0 * * *” (5 minutes past midnight every day) read the man page for crontab(5) on any Unix/Linux server, or else on the web.

Now, add a command to /etc/rc.local to re-generate the cron job when ESX/ESXi reboots

1. Edit /etc/rc.local, using a command such as “vi /etc/rc.local”.
2. At the end of the file, add 3 lines (using “G” then “O” in vi). The first kills crond, the second adds the new cron job to the root crontab file, ad the third restarts crond:
/bin/kill $(cat /var/run/crond.pid)
/bin/echo ’5 0 * * * /full/path/to/script arguments/with/full/path > /full/path/to/logfile 2>&1′ >> /var/spool/cron/crontabs/root
/bin/busybox crond
3. Save and exit the editor (Press the “Esc” key then “:wq” then press “Return” in vi)
4. Run the command “auto-backup.sh” so that the change to /etc/rc.local survives a reboot.

Every time you change the cron job, remember to update /etc/rc.local as well and run the “auto-backup.sh” command to backup the new /etc/rc.local file.

Posted on

Setup mySQL for WordPress

Install MySQL and Apache

yum install mysql
yum install mysql-server
chkconfig mysqld on
service mysqld start
sudo yum install php-gd
yum install httpd
chkconfig httpd on
service httpd start

Create Database:

mysql

Welcome to the MySQL monitor. Commands end with ; or g.
Your MySQL connection id is 5340 to server version: 3.23.54

Type ‘help;’ or ‘h’ for help. Type ‘c’ to clear the buffer.

mysql> CREATE DATABASE databasename;
Query OK, 1 row affected (0.00 sec)

mysql> GRANT ALL PRIVILEGES ON databasename.* TO “username”@”hostname”
-> IDENTIFIED BY “password”;
Query OK, 0 rows affected (0.00 sec)

mysql> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.01 sec)

mysql> EXIT
Bye
$