Thursday 25 April 2013

How to Install KVM on Centos 6.3 x86_64


KVM is short for Kernel-based Virtual Machine and makes use of hardware virtualization.You need a CPU that supports hardware virtualization, e.g. Intel VT or AMD-V.


First You need to check if your CPU supports hardware virtualization using below command.

[root@localhost ~]# egrep '(vmx|svm)' --color=always /proc/cpuinfo





If nothing is displayed, then your processor doesn't support hardware virtualization, and you must stop here.



How to Install KVM


First we need to install EPEL repo.you can use this link


Then install the kvm, libvirt,  python-virtinst and qemu-kvm packages.

kvm --> The kvm package contains the KVM kernel module

libvirt ---> Libvirt is a API library for interacting with hypervisors.

python-virtinst --> Provides the virt-install command fro creating virtual machine.

virt-manager --> Provides a Graphical tool for administering virtual machine.


[root@localhost ~]#  yum  install  kvm  libvirt  python-virtinst  qemu-kvm virt-manager


After installation done start the libvirt daemon


[root@localhost ~]# /etc/init.d/libvirtd start

To check if KVM has successfully been installed

[root@localhost ~]# virsh list --all

 Id    Name                           State
----------------------------------------------------

Saturday 20 April 2013

Installation of Nagios Server on Centos


Nagios is one of the open source computer system and network monitoring software application.


Installation of Nagios server

Create nagios user account and set password

            [root@st-web manivel]# useradd -m nagios

            [root@st-web manivel]# passwd nagios

Changing password for user nagios.
New password:
BAD PASSWORD: it is based on a dictionary word
Retype new password:
passwd: all authentication tokens updated successfully.
[root@st-web manivel]#

Create a new group "nagcmd"

           [root@localhost html]# groupadd nagcmd

Add the "nagios" user and "apache" user to the "nagcmd" group

          [root@localhost html]# usermod -a  -G nagcmd nagios

          [root@localhost html]# usermod -a  -G nagcmd apache

Download Nagios and Nagios Plugins

Create a directory "nagios-store" for store downloads

         [root@localhost ~]# mkdir nagios-store
         [root@localhost ~]# cd  nagios-store

Download the Nagios and Nagios Plugins using "wget" command

 [root@localhost nagios-store]# wget http://sourceforge.net/projects/nagios/files/nagios-3.x/nagios-3.5.0/nagios-3.5.0.tar.gz/download


[root@localhost nagios-store]# wget http://prdownloads.sourceforge.net/sourceforge/nagiosplug/nagios-plugins-1.4.16.tar.gz


Extract, Compile and install the "Nagios"

[root@localhost nagios]# tar -xzf nagios-3.5.0.tar.gz

[root@localhost nagios]# cd nagios

[root@localhost nagios]# ./configure 

[root@localhost nagios]# make all

[root@localhost nagios]# make install

[root@localhost nagios]# make install-init


make install-init
     - This installs the init script in /etc/rc.d/init.d

[root@localhost nagios]# make install-commandmode


  make install-commandmode
     - This installs and configures permissions on the
       directory for holding the external command file

[root@localhost nagios]# make install-webconf

   make install-webconf
          - This installs the web interface


Extract, Compile and install the "Nagios Plugins"

[root@localhost nagios-store]#  tar -xzf nagios-plugins-1.4.16.tar.gz 

[root@localhost nagios-store]#  cd nagios-plugins-1.4.16

[root@localhost nagios-plugins-1.4.16]#  ./configure 

[root@localhost nagios-store]#  make && make install

Start the Nagios service

[root@localhost nagios-plugins-1.4.16]#  /etc/init.d/nagios  start
Starting nagios: done.

Nagios service automatically start when the system boots

[root@localhost nagios-plugins-1.4.16]# chkconfig nagios on


Verify the sample nagios configuration files

[root@localhost nagios-plugins-1.4.16]# /usr/local/nagios/bin/nagios  -v  /usr/local/nagios/etc/nagios.cfg

It should display without error like this

Nagios Core 3.5.0
Copyright (c) 2009-2011 Nagios Core Development Team and Community Contributors
Copyright (c) 1999-2009 Ethan Galstad
Last Modified: 03-15-2013
License: GPL

Website: http://www.nagios.org
Reading configuration data...
   Read main config file okay...
Processing object config file '/usr/local/nagios/etc/objects/commands.cfg'...
Processing object config file '/usr/local/nagios/etc/objects/contacts.cfg'...
Processing object config file '/usr/local/nagios/etc/objects/timeperiods.cfg'...
Processing object config file '/usr/local/nagios/etc/objects/templates.cfg'...
Processing object config file '/usr/local/nagios/etc/objects/localhost.cfg'...
   Read object config files okay...

Running pre-flight check on configuration data...

Checking services...
Checked 8 services.
Checking hosts...
Checked 1 hosts.
Checking host groups...
Checked 1 host groups.
Checking service groups...
Checked 0 service groups.
Checking contacts...
Checked 1 contacts.
Checking contact groups...
Checked 1 contact groups.
Checking service escalations...
Checked 0 service escalations.
Checking service dependencies...
Checked 0 service dependencies.
Checking host escalations...
Checked 0 host escalations.
Checking host dependencies...
Checked 0 host dependencies.
Checking commands...
Checked 24 commands.
Checking time periods...
Checked 5 time periods.
Checking for circular paths between hosts...
Checking for circular host and service dependencies...
Checking global event handlers...
Checking obsessive compulsive processor commands...
Checking misc settings...

Total Warnings: 0
Total Errors:   0

Things look okay - No serious problems were detected during the pre-flight check

[root@localhost nagios-plugins-1.4.16]# 

Modify SELinux and Firewall Settings

[root@localhost nagios-plugins-1.4.16]# getenforce 
Enforcing

[root@localhost nagios-plugins-1.4.16]# service iptables status
iptables: Firewall is not running.

Once firewall running then stop that

[root@localhost nagios-plugins-1.4.16]# service iptables stop

Change SELinux mode Enforcing to Permissive mode

[root@localhost nagios-plugins-1.4.16]# setenforce 0

If you want to permanently change this, then you need to change below configuration file and reboot your machine.

[root@localhost nagios-plugins-1.4.16]# vim /etc/selinux/config 

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
#     targeted - Targeted processes are protected,
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted


Now restart the nagios service

[root@localhost nagios-plugins-1.4.16]#  /etc/init.d/nagios  restart


Web interface configuration

     [root@localhost nagios]# htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin
      New password: 
      Re-type new password: 
     Adding password for user nagiosadmin
     [root@localhost nagios]#

                username: nagiosadmin

Now restart the httpd service

       [root@localhost nagios]#  /etc/init.d/httpd  restart 
          

You can able to access nagios monitoring system through url with username and password

  http://10.118.248.52/nagios/   or   http://localhost/nagios/ 

Monday 1 April 2013

How to set an idle timeout interval for SSH users

User can login to server via ssh and you can set an idel timeout interval to avoid unattended ssh session.
We need to edit ssh configuration file "/etc/ssh/sshd_config"


[root@mani-sys ~]# vim /etc/ssh/sshd_config 

ClientAliveInterval 300                             ### line 120
ClientAliveCountMax 0

Save and exit the file.

You are setting an idle timeout interval in seconds (300 secs = 5 minutes).After this interval has passed, the idle user will be automatically logged out.


Now restart the ssh service

[root@mani-sys ~]# /etc/init.d/sshd restart
Stopping sshd:                                             [  OK  ]
Starting sshd:                                             [  OK  ]
[root@mani-sys ~]# 

I hope this helps....