Subject: Migracion OLD-CACTI > New-Cacti
Posted on: enero 28 2009 @ 08:27
By: Cachorroyayo
Content:
Hola Foro....
Como estamos siempre para darnos la mano esta ocacion quiero dejar un grano de arena para los que quizas en algun momento puedan necesitar de esto.
Tengo un servidor cactihttp://www.cacti.net/, el cual me pidieron hacer un backUp y levantarlo en un nuevo server. Bueno yo lo instale en FreeBSD que es lo que usamos aca en el ISP pero creo que no estaria de mas el aporte y ojala les sea de Utilidad.
Ahi les va....
Backup de Cacti y pasarlo a un nuevo servidor sin perder nada de data Smile
Necesitamos instalar los siguientes ports en el nuevo servidor.
/usr/ports/www/apache22
/usr/ports/databases/mysql50-server
/usr/ports/lang/php5
/usr/ports/lang/php5-extensions
/usr/ports/net-mgmt/net-snmp4
/usr/ports/databases/rrdtool
usr/ports/net-mgmt/cacti
Con Apache y MySQL no hay problema pero cuando vas a instalar php5
#cd /usr/ports/lang/php5
# make install clean
Posiblemente al final de la instalacion te de un mensaje de error que tiene que ver con curl (ftp-curl y php5-curl)
cuando trates de instalar el curl por las buenas te dira que CARES Y IPV6 no pueden estar juntos,
Ahora estas son opciones de Curl un port de prerequisito de php5 para salir de esta, editamos el Makefile de curl y
luego lo trabajamos normal para que no de problemas al instalar el php5
# vi /usr/ports/ftp/curl/Makefile
#.if defined(WITH_CARES) && defined(WITH_IPV6)
#IGNORE= does not support both c-ares and IPv6 - disable one of them
#.endif
# make install clean
luego instalas normal
# cd /usr/ports/lang/php5
# cd /usr/ports/lang/php5-extensions
#cd /usr/ports/net-mgmt/net-snmp4
cacti usa net-snmp4 asi que si instalamos net-snmp53 habran conflictos es mejor hacerlo a la primera y no instalar y luego
desinstalar el net-snmp 2 veces hasta que te des cuenta del error.
#cd /usr/ports/databases/rrdtool
#cd usr/ports/net-mgmt/cacti
Ya con los ports instalados procedemos a configurar lo que necesitamos.
Agregamos a /etc/rc.conf
apache22_enable="YES"
mysql_enable="YES"
snmpd_enable="YES"
# /usr/local/etc/rc.d/apache22 start
# /usr/local/etc/rc.d/mysql-server start
# /usr/local/etc/rc.d/snmpd start
APACHE
Modificamos el httpd.conf con unicamente lo siguiente
LoadModule php5_module libexec/apache22/libphp5.so
DocumentRoot "/usr/local/share/cacti"
Alias /cacti /usr/local/share/cacti
Order allow,deny
Allow from all
DirectoryIndex index.php index.html
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
#/usr/local/etc/rc.d/apache22 restart
MYSQL
Seteamos el password del Root
# mysqladmin -u root password 'N3wR0ot.P4s5w0rd'
Creamos la Base de Datos para el Cacti
#mysql -u root pN3wR0ot.P4s5w0rd
MYSQL> CREATE DATABASE cacti;
CACTI
Para que cacti pueda usar la Base de datos que hemos creado en MySQL necesitamos darle permisos en el siguiente archivo
dejando todo tal como se ve:
#vi /usr/local/share/cacti/include/config.php
$database_default = "cacti";
$database_hostname = "localhost";
$database_username = "cacti";
$database_password = "cacti";
Tenemos que darle permisos a Cacti para que pueda hacer el poller y generar las graficas y el chequeo SNMP
#cd /usr/local/share/cacti
#chown -R cacti:www rra/ log/
Y le damos el siguiente script de cron para que haga el poller cada 5 minutos
# crontab -e -u cacti
*/5 * * * * /usr/local/bin/php /usr/local/share/cacti/poller.php> /dev/null
Esto es lo minimo para nuestra configuracion de CACTI, pero como nosotros queremos migrar todos los cientos y por que no miles de archivos
rrd que se han creado en nuestro antguo servidor al nuevo; tenemos que hacer lo siguiente:
OLDCACTI
Dumpeamos la Base de Datos de Cacti
#mysqldump -u root -p cacti > cacti-dump.sql
La debemos de copiar al nuevo servidor
#scp cacti-dump.sql user@newcacti:/usr/local/share/cacti
Luego tenemos que pasar todos los archivos rrd al nuevo servidor. pero primero tenemos que pasarlos a plantilla xml de la siguiente manera.
# cd /usr/share/cacti/rra/# ls -1 *.rrd | awk '{print "rrdtool dump "$1" > "$1".xml"}' | sh -x
Los pasamos al nuevo servidor
scp *.xml user@newcacti:/usr/share/cacti/rra/
NEWCACTI
Eliminamos cualquier archivo rrd que se pueda haber creado
# rm -Rf *.rrd
Comvertimos cada xml en un rrd:
# cd /usr/share/cacti/rra/# ls -1 *.rrd.xml | sed 's/\.xml//' | awk '{print "rrdtool restore "$1".xml "$1}' | sh -x
Eliminamos todos los xml y le damos permiso a los usuarios que corresponde
# rm *.xml
# chown -R cacti:www *
Ahora tenemos que reemplazar la vieja base de datos con la nueva que acabamos de pasar por scp
# mysql -u root -p <> mysql -u root -p
MYSQL> GRANT ALL ON cacti.* TO cactiuser@localhost IDENTIFIED BY 'cacti';
MYSQL> FLUSH PRIVILEGES;
miércoles, 30 de junio de 2010
martes, 29 de junio de 2010
Backup Linux Ubuntu - RSYNC
RSYNC COPIA LOCAL
rsync -altgvb /var/data/ /home/user/backup
RSYNC SSH - COPIA A UN SERVER.
rsync -e ssh -altgvb /data/ root@192.168.0.1:/home/user/backup
- Hasta aqui todo esta bien, pero si necesitamos hacer esto automaticamente cada hora mediante cron tenemos que lograr que ssh no nos pida contraseña. Para lograrlo realizamos el siguiente procedimiento:
Creamos una llave publica y una llave privada:
ssh-keygen -tdsa
Presionando solo enter en todas las preguntas que el comando anterior requiere vamos a tener nuestra llave publica en /home/usuario/.ssh/id_dsa.pub. Copiamos esta llave al servidor 192.168.0.1:
cd /home/usuario/.ssh/
cat id_dsa.pub | ssh bot@192.168.1.4 "cat - >> /home/bot/.ssh/authorized_keys"
Probamos que todo funcione haciendo:
ssh -l bot 192.168.1.4
Estas son las opciones de Rsync para entender mejor los comandos de arriba.
n no: no transferir solo mostrar lo que hay que hacer
# -a modo archivo (= -rlptDg)
# -r recursivo
# -l preservar soft links
# -p preservar permisos
# -t preservar fecha
# -D preservar dispositivos (solo root)
# -g preservar grupo
# -v modo verboso (-vv mas verboso)
# -z comprimir (si lo admite el servidor)
# -C ignorar archivos como lo hace CVS
# -u update: mantiene archivo destino si existe y es posterior
# -b backup: renombrar archivos destino preexistentes a extensión ~
# --stats imprimir estadisticas al final (solo si se ha puesto también -v)
# --delete borrar archivos en destino si no existen
# -R path relativos (crear rutas completas en el destino)
./rsync.sh install [push | pull] [local_dir] [remote_user] [remote_host] [remote_dir] [remote_ssh_port]
./rsync.sh install pull /home/brett/ brett 192.168.1.2 /home/brett 2222
./rsync.sh run [push | pull] localhost:'/home/paul /media/sdb1/music' [remote_user] [remote_host] [remote_dir] [remote_ssh_port]
The ssh-copy-id command is useful for copying the public key.
ssh-copy-id -i user@host
CLI (Command Line)
rsnapshot: a filesystem snapshot utility for making backups of local and remote systems. The disk space required is just a little more than the space of one full backup, plus incrementals. (My program does not use incrementals).
Code:
sudo aptitude install rsnapshot
Vocabulary
* ssh: a network protocol that allows data to be exchanged using a secure channel (encryption) between two computers
* rsync: a software application for Linux which synchronizes files and directories from one location to another using minimal bandwidth (only transfers files (or parts of files) that don't exist)
* mirror: an exact copy of a data set
* push: to send (or give) data from one computer to another
* pull: to receive (or ask) for data from one computer to another
Let's get started
It has several flags and options, but some are hard-coded, so you may have to edit the script by hand.
Options
General usage:
Quote:
./rsync.sh ['uninstall' | 'install' | 'run'] ['push' | 'pull'] [local_dir] [remote_user] [remote_host] [remote_dir] [remote_ssh_port]
Note: '[remote_ssh_port]' is usually 22 unless you change it from the default. If you don't know how to change the ssh port, its more than likely 22.
install
Use this option if you want to setup an automated, nightly backup between one computer and another.
Arguments:
Quote:
./rsync.sh install [push | pull] [local_dir] [remote_user] [remote_host] [remote_dir] [remote_ssh_port]
Example:
Quote:
./rsync.sh install pull /home/brett/ brett 192.168.1.2 /home/brett 2222
* Creates the following directories: $HOME/bin, $HOME/cron, $HOME/logs
* Creates 4096-bit RSA encryption key (illegal in the USA I think)
* Installs file to directories above
uninstall
Use this option if you want to remove a previously installed setup.
Arguments:
Quote:
./rsync.sh uninstall [remote_user] [remote_host]
Example:
Quote:
./rsync.sh uninstall brett 192.168.1.2
* Removes cron-job
* Removes RSA key
run
Use this option if you want to run the program without installing anything. Good to use as a test and on a single-needs basis.
Arguments:
Quote:
./rsync.sh run [push | pull] [local_dir] [remote_user] [remote_host] [remote_dir] [remote_ssh_port]
Example:
Quote:
./rsync.sh run pull /home/brett/ brett 192.168.1.2 /home/brett 2222
* Runs rsync with your parameters
That turns out to be really easy. If you’ve got ssh, then you’ve probably got ssh-keygen, which exists for the sole purpose of generating public and private keys, which when created without a passphrase can be used for password-free logins. So I ran ssh-keygen to generate a 2048 bit RSA key without a passphrase (aka a passphraseless key). I could also have generated a 1024 bit DSA key. I’m not sure I understand the difference. I’m not sure it matters.
ssh-keygen -b 2048
Inside ~/.ssh, ssh-keygen created two standard files, id_rsa and id_rsa.pub, the private and public keys respectively. The next and final step is to copy and “install” the public key on my backup server (192.168.0.100).
ssh-copy-id -i ~/.ssh/id_rsa.pub jwatt@192.168.0.100
ssh-copy-id uses ssh to copy the public key to the remote server and appends it to the ~/.ssh/authorized_keys file. Of course I didn’t know about ssh-copy-id when I started, so I just scp-ed the file over and pasted the public key into the authorized_keys file.
At which point I could use ssh to login without a password! ssh knows to automatically check for the existence of the id_rsa private key and try logging in with that.
ssh 192.168.0.100
Hot damn! That alone makes me want to start distributing my public key around to every server I access regularly. Of course the other benefit (and the whole point of this post!) is that now I’ll also be able to cron an rsync backup without requiring a password.
My ideal backup is a relatively current mirror of my home directory. I’m not looking for modified file snapshots or entire bootable filesystem images, I just want to know that if my hard drive crashes, most of my data (especially the photos) is recoverable. To that end, my rsync needs are relatively simple, though it took some tweaking to get to this point:
rsync -aze ssh --delete --exclude=".*/" /home/jwatt/ jwatt@192.168.0.100:/home/jwatt/backup/x23/
The -a option means archive files—it’s really an alias for a lot of other options having to do with maintaining permissions and timestamps, etc. The -z option uses compression when transferring files. The -e ssh option tunnels the file transfer over an encrypted ssh connection. The --delete option deletes any destination files that have been deleted from the source. The --exclude=".*/" option skips hidden files and directories. Finally the last two parts are the source (in this case everything under my home directory) and the destination I’ve already set up on my backup server.
And that’s it. I added it to my cron to run daily at 10pm. Set and forget it.
rsync -altgvb /var/data/ /home/user/backup
RSYNC SSH - COPIA A UN SERVER.
rsync -e ssh -altgvb /data/ root@192.168.0.1:/home/user/backup
- Hasta aqui todo esta bien, pero si necesitamos hacer esto automaticamente cada hora mediante cron tenemos que lograr que ssh no nos pida contraseña. Para lograrlo realizamos el siguiente procedimiento:
Creamos una llave publica y una llave privada:
ssh-keygen -tdsa
Presionando solo enter en todas las preguntas que el comando anterior requiere vamos a tener nuestra llave publica en /home/usuario/.ssh/id_dsa.pub. Copiamos esta llave al servidor 192.168.0.1:
cd /home/usuario/.ssh/
cat id_dsa.pub | ssh bot@192.168.1.4 "cat - >> /home/bot/.ssh/authorized_keys"
Probamos que todo funcione haciendo:
ssh -l bot 192.168.1.4
Estas son las opciones de Rsync para entender mejor los comandos de arriba.
n no: no transferir solo mostrar lo que hay que hacer
# -a modo archivo (= -rlptDg)
# -r recursivo
# -l preservar soft links
# -p preservar permisos
# -t preservar fecha
# -D preservar dispositivos (solo root)
# -g preservar grupo
# -v modo verboso (-vv mas verboso)
# -z comprimir (si lo admite el servidor)
# -C ignorar archivos como lo hace CVS
# -u update: mantiene archivo destino si existe y es posterior
# -b backup: renombrar archivos destino preexistentes a extensión ~
# --stats imprimir estadisticas al final (solo si se ha puesto también -v)
# --delete borrar archivos en destino si no existen
# -R path relativos (crear rutas completas en el destino)
./rsync.sh install [push | pull] [local_dir] [remote_user] [remote_host] [remote_dir] [remote_ssh_port]
./rsync.sh install pull /home/brett/ brett 192.168.1.2 /home/brett 2222
./rsync.sh run [push | pull] localhost:'/home/paul /media/sdb1/music' [remote_user] [remote_host] [remote_dir] [remote_ssh_port]
The ssh-copy-id command is useful for copying the public key.
ssh-copy-id -i
CLI (Command Line)
rsnapshot: a filesystem snapshot utility for making backups of local and remote systems. The disk space required is just a little more than the space of one full backup, plus incrementals. (My program does not use incrementals).
Code:
sudo aptitude install rsnapshot
Vocabulary
* ssh: a network protocol that allows data to be exchanged using a secure channel (encryption) between two computers
* rsync: a software application for Linux which synchronizes files and directories from one location to another using minimal bandwidth (only transfers files (or parts of files) that don't exist)
* mirror: an exact copy of a data set
* push: to send (or give) data from one computer to another
* pull: to receive (or ask) for data from one computer to another
Let's get started
It has several flags and options, but some are hard-coded, so you may have to edit the script by hand.
Options
General usage:
Quote:
./rsync.sh ['uninstall' | 'install' | 'run'] ['push' | 'pull'] [local_dir] [remote_user] [remote_host] [remote_dir] [remote_ssh_port]
Note: '[remote_ssh_port]' is usually 22 unless you change it from the default. If you don't know how to change the ssh port, its more than likely 22.
install
Use this option if you want to setup an automated, nightly backup between one computer and another.
Arguments:
Quote:
./rsync.sh install [push | pull] [local_dir] [remote_user] [remote_host] [remote_dir] [remote_ssh_port]
Example:
Quote:
./rsync.sh install pull /home/brett/ brett 192.168.1.2 /home/brett 2222
* Creates the following directories: $HOME/bin, $HOME/cron, $HOME/logs
* Creates 4096-bit RSA encryption key (illegal in the USA I think)
* Installs file to directories above
uninstall
Use this option if you want to remove a previously installed setup.
Arguments:
Quote:
./rsync.sh uninstall [remote_user] [remote_host]
Example:
Quote:
./rsync.sh uninstall brett 192.168.1.2
* Removes cron-job
* Removes RSA key
run
Use this option if you want to run the program without installing anything. Good to use as a test and on a single-needs basis.
Arguments:
Quote:
./rsync.sh run [push | pull] [local_dir] [remote_user] [remote_host] [remote_dir] [remote_ssh_port]
Example:
Quote:
./rsync.sh run pull /home/brett/ brett 192.168.1.2 /home/brett 2222
* Runs rsync with your parameters
That turns out to be really easy. If you’ve got ssh, then you’ve probably got ssh-keygen, which exists for the sole purpose of generating public and private keys, which when created without a passphrase can be used for password-free logins. So I ran ssh-keygen to generate a 2048 bit RSA key without a passphrase (aka a passphraseless key). I could also have generated a 1024 bit DSA key. I’m not sure I understand the difference. I’m not sure it matters.
ssh-keygen -b 2048
Inside ~/.ssh, ssh-keygen created two standard files, id_rsa and id_rsa.pub, the private and public keys respectively. The next and final step is to copy and “install” the public key on my backup server (192.168.0.100).
ssh-copy-id -i ~/.ssh/id_rsa.pub jwatt@192.168.0.100
ssh-copy-id uses ssh to copy the public key to the remote server and appends it to the ~/.ssh/authorized_keys file. Of course I didn’t know about ssh-copy-id when I started, so I just scp-ed the file over and pasted the public key into the authorized_keys file.
At which point I could use ssh to login without a password! ssh knows to automatically check for the existence of the id_rsa private key and try logging in with that.
ssh 192.168.0.100
Hot damn! That alone makes me want to start distributing my public key around to every server I access regularly. Of course the other benefit (and the whole point of this post!) is that now I’ll also be able to cron an rsync backup without requiring a password.
My ideal backup is a relatively current mirror of my home directory. I’m not looking for modified file snapshots or entire bootable filesystem images, I just want to know that if my hard drive crashes, most of my data (especially the photos) is recoverable. To that end, my rsync needs are relatively simple, though it took some tweaking to get to this point:
rsync -aze ssh --delete --exclude=".*/" /home/jwatt/ jwatt@192.168.0.100:/home/jwatt/backup/x23/
The -a option means archive files—it’s really an alias for a lot of other options having to do with maintaining permissions and timestamps, etc. The -z option uses compression when transferring files. The -e ssh option tunnels the file transfer over an encrypted ssh connection. The --delete option deletes any destination files that have been deleted from the source. The --exclude=".*/" option skips hidden files and directories. Finally the last two parts are the source (in this case everything under my home directory) and the destination I’ve already set up on my backup server.
And that’s it. I added it to my cron to run daily at 10pm. Set and forget it.
viernes, 25 de junio de 2010
Verificar errores ficheros DNS - bind
nslint -d -c /etc/bind/named.conf
nslint is a lint-like program that checks DNS files for errors. DNS or Domain Name System generally maps names to IP addresses and E-mail addresses in a hierarchical fashion. Errors detected include missing trailing dots, illegal characters (RFC 1034), records without matching PTR records and vice-versa, duplicate names in a subnet, duplicate names for an address, names with cname records (RFC 1033), missing quotes, and unknown keywords.
nslint is a lint-like program that checks DNS files for errors. DNS or Domain Name System generally maps names to IP addresses and E-mail addresses in a hierarchical fashion. Errors detected include missing trailing dots, illegal characters (RFC 1034), records without matching PTR records and vice-versa, duplicate names in a subnet, duplicate names for an address, names with cname records (RFC 1033), missing quotes, and unknown keywords.
sábado, 19 de junio de 2010
Pollo guisado a la Nati
- Muslos de pollo
ó
- Contramuslos
Se fríen con aceite de oliva los muslos o contramuslos en la olla con aceite hasta que se "doren".
Se añade cebolla picada (1/2), ajo (2 o 3 dientes), laurel, una pastilla de avecren (o sal), perejil, tomillo, pimienta y vino blanco. Un poco de agua y se cierra la olla.
Unos 6 - 8 minutos y listo. Si está con mucho líquido se deja a fuego lento unos minutos.
Estupendo.
ó
- Contramuslos
Se fríen con aceite de oliva los muslos o contramuslos en la olla con aceite hasta que se "doren".
Se añade cebolla picada (1/2), ajo (2 o 3 dientes), laurel, una pastilla de avecren (o sal), perejil, tomillo, pimienta y vino blanco. Un poco de agua y se cierra la olla.
Unos 6 - 8 minutos y listo. Si está con mucho líquido se deja a fuego lento unos minutos.
Estupendo.
Suscribirse a:
Entradas (Atom)