Install packages
# yum install zabbix zabbix-agent zabbix-docs zabbix-server zabbix-server-mysql zabbix-web zabbix-web-mysql
# yum install mysql-server httpd curl-devel net-snmp net-snmp-devel iksemel iksemel-devel

Enable mysqld, httpd, zabbix-agent and zabbix-server boot up automatically
# systemctl enable mysqld.service
# systemctl enable httpd.service
# chkconfig zabbix-agent on
# chkconfig zabbix-server on

Start mysqld and httpd service
# service mysqld start
# service httpd start

Set MySQL root password and import database
# mysqladmin -u root password [whateverpasswd]
# mysql -uroot -p
mysql> create database zabbix;
mysql> quit
# cd /usr/share/doc/zabbix-server-mysql-1.8.10/create/schema
# mysql -u root -p[whateverpasswd] zabbix < mysql.sql
# cd ../data
# mysql -u root -p[whateverpasswd] zabbix < data.sql
# mysql -u root -p[whateverpasswd] zabbix < images_mysql.sql

Change items in configuration files
# vi /etc/zabbix/zabbix_agent.conf
# vi /etc/zabbix/zabbix_agentd.conf
    change from “LogFileSize=0″ to “LogFileSize=1024″
    change from “# DebugLevel=3″ to “DebugLevel=4″
# vi /etc/zabbix/zabbix_server.conf
    change from “LogFileSize=0″ to “LogFileSize=1024″
    change from “# DebugLevel=3″ to “DebugLevel=4″
    change from “# DBPassword=” to “DBPassword=[whateverdbpasswd]“

Create zabbix user and grant its privileges
# mysql -uroot -p
mysql> create user ‘zabbix’@'localhost’ identified by ‘[whateverdbpasswd]‘;
mysql> grant all privileges on zabbix.* to ‘zabbix’@'localhost’ with grant option;
NOTE: The websites I read did not mention this step. If you ignore it, you will see the following errors in the log file.
3548:20120127:115321.384 Database is down. Reconnecting in 10 seconds.
3548:20120127:115331.384 [Z3001] connection to database ‘zabbix’ failed: [1045] Access denied for user ‘zabbix’@'localhost’ (using password: YES)

The errors will occur on Fedora 14:
1830:20120111:202637.548 In DBconnect() flag:1
1830:20120111:202637.549 [Z3001] connection to database ‘zabbix’ failed: [1044] Access denied for user ”@’localhost’ to database ‘zabbix’
1830:20120111:202637.549 Cannot connect to the database. Exiting…

Start zabbix-agent and zabbix-server services
# service zabbix-agent start
# service zabbix-server start

Configure PHP
# vi /etc/php.ini
    change from “;date.timezone =” to “date.timezone = “America/Toronto”"
    change from “memory_limit = 128M” to “memory_limit = 256M”
    change from “post_max_size = 8M” to “post_max_size = 32M”
    change from “upload_max_filesize = 2M” to “upload_max_filesize = 16M”
    change from “max_execution_time = 30″ to “max_execution_time = 600″
    change from “max_input_time = 60″ to “max_input_time = 600″

Restart httpd service
# service httpd restart

Installation from browser
Open Firefox browser and input “http://[serverIP]/zabbix”.
If you can connect to the server, close the firewall
# iptables -F

Click “Next”

Click “I agree” and click “Next”

Click “Next”

Input password, click “Test connection” and click “Next”

Click “Next”

Click “Next”

Click “Next”

Click “Finish” and you can see the login page

Input “Admin”, and its default password “zabbix”, and then you can enter.

Change default Admin password
# mysql -uroot -p
mysql> use zabbix;
mysql> update users set passwd=md5(‘[wahteverpasswd]‘) where alias=”Admin”;
mysql> quit

After everything is ok, you can adjust DebugLevel back
# vi /etc/zabbix/zabbix_agentd.conf
    change from “DebugLevel=4″ to “DebugLevel=3″

# vi /etc/zabbix/zabbix_server.conf
    change from “DebugLevel=4″ to “DebugLevel=3″

# service zabbix-server restart
# service zabbix-agent restart

Disable SELinux, when you use zabbix
When I used Fedora 14 as server before, I found it occurred the below measages
fclose() expects parameter 1 to be resource, boolean given [api/classes/class.cscript.php:626]
Error Description: Permission denied

After I set SELinux, the problem was solved
# setsebool -P httpd_can_network_connect 1
But on Fedora 16, it didn’t work, so I did “setenforce=0″ temporarily.

Reference
http://www.zabbix.com/

When I installed Fedora 16 on my server, I installed MySQL and http.

Enable mysqld and httpd boot up automatically
# systemctl enable mysqld.service
# systemctl enable httpd.service

Install necessary packages
# yum install net-snmp* gd gd-devel libdbi-devel

Create Account Information
# /usr/sbin/useradd -m icinga
# passwd icinga
# /usr/sbin/groupadd icinga-cmd
# /usr/sbin/usermod -a -G icinga-cmd icinga

Download Icinga and the Plugins
# cd /usr/src/
# wget http://sourceforge.net/projects/icinga/files/icinga/1.6.1/icinga-1.6.1.tar.gz
# wget http://sourceforge.net/projects/nagiosplug/files/nagiosplug/1.4.15/nagios-plugins-1.4.15.tar.gz

Compile and Install Icinga with IDOUtils
# tar xvzf icinga-1.6.1.tar.gz
# cd icinga-1.6.1
# ./configure –with-command-group=icinga-cmd –enable-idoutils

Compile and Install
# make all
# make install
# make install-init
# make install-config
# make install-commandmode
# make install-idoutils

Customise Configuration
Change the item email from “icinga@localhost” to yours in the file /usr/local/icinga/etc/objects/contacts.cfg

# cd /usr/local/icinga/etc/
# mv idomod.cfg-sample idomod.cfg
# mv ido2db.cfg-sample ido2db.cfg
# cd modules
# mv idoutils.cfg-sample idoutils.cfg

Creation of Database and IDOUtils
# service mysqld start
# mysql -u root -p
mysql> CREATE DATABASE icinga;
mysql> GRANT USAGE ON *.* TO ‘icinga’@'localhost’
IDENTIFIED BY ‘icinga’
WITH MAX_QUERIES_PER_HOUR 0
MAX_CONNECTIONS_PER_HOUR 0
MAX_UPDATES_PER_HOUR 0;
mysql> GRANT SELECT , INSERT , UPDATE , DELETE, DROP, CREATE VIEW
ON icinga.* TO ‘icinga’@'localhost’;
mysql> FLUSH PRIVILEGES;
mysql> quit
# cd /usr/src/icinga-1.6.1/module/idoutils/db/mysql
# mysql -u root -p icinga < mysql.sql

Configure the Classic Web Interface
# cd /usr/src/icinga-1.6.1
# make cgis
# make install-cgis
# make install-html
# make install-webconf

Create an icingaadmin account for logging into the Icinga classic web interface
# htpasswd -c /usr/local/icinga/etc/htpasswd.users icingaadmin
# service httpd restart

Compile and Install the Nagios Plugins
# cd /usr/src
# tar xvzf nagios-plugins-1.4.15.tar.gz
# cd nagios-plugins-1.4.15
# ./configure –prefix=/usr/local/icinga \
–with-cgiurl=/icinga/cgi-bin –with-htmurl=/icinga \
–with-nagios-user=icinga –with-nagios-group=icinga
# make
# make install

Adjusting the SELinux settings
# setenforce 0
and modify /etc/selinux/config file to change “SELINUX=enforcing” to “SELINUX=permissive”

Start IDOUtils and Icinga
# chkconfig –add ido2db
# service ido2db start
# chkconfig –add icinga
# service icinga start

Login to the Classic Web Interface
Open the browser from your desktop, input “http://[IP]/icinga/”.
If you could not connect the icinga server, try to flush firewall
# iptables -F

Add two hosts to test
# cd /usr/local/icinga/etc
Add a line “cfg_dir=/usr/local/icinga/etc/hosts” after “cfg_dir=/usr/local/icinga/etc/modules” in the icinga.cfg file through edit tool.

# mkdir hosts
# cd hosts
Create a file named linux.cfg that the content is as below
define host {
    use                                linux-server
    host_name                  s2
    address                        192.168.26.2
    check_command       check-host-alive
    contact_groups         admins
}
define host {
    use                               linux-server
    host_name                 s254
    address                       192.168.26.254
    check_command      check-host-alive
    contact_groups         admins
}

Create a file named services.cfg that the content is as below
define service {
        use                                   generic-service
        host_name                     s2, s254
        service_description     HTTP
        check_command          check-host-alive
        }

Verify your configuration
# /usr/local/icinga/bin/icinga -v /usr/local/icinga/etc/icinga.cfg

Reload Icinga
# service icinga reload

Refresh the browser from your desktop, you will find the two hosts you add.

Reference
http://docs.icinga.org/1.6/en/quickstart-idoutils.html

When I went to work on Thursday morning, my colleague on night duty said there was a power outage for 1 second which caused some of the servers to reboot. My manager wanted to know which of the servers rebooted, so that he could arrange to change the UPS in the future. In order to know which servers have rebooted, we can log on each server to check the up time. But if there are hundreds or thousands of servers that needs to be checked, it is very tedious and inefficient.

Fortunately, our servers had been installed snmp so that we could monitor the status by Nagios. Knowing the theory of snmp, I wrote a small script to check the uptime of each server.

#!/bin/bash

NET=192.168.1
COM=public

for i in `seq 2 254`
do
  echo -n “$NET.$i == “
  snmpget -v 1 -c $COM $NET.$i system.sysUpTime.0
done

Run this script to produce the below result:

192.168.1.2 == DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (1601584) 4:26:55.84
192.168.1.3 == DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (1720208093) 199 days, 2:21:20.93
192.168.1.4 == DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (1600525) 4:26:45.25
192.168.1.5 == DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (1600574) 4:26:45.74
192.168.1.6 == DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (1096018961) 126 days, 20:29:49.61
192.168.1.7 == DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (689354819) 79 days, 18:52:28.19
192.168.1.8 == DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (1648344556) 190 days, 18:44:05.56
192.168.1.9 == DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (2357055895) 272 days, 19:22:38.95
192.168.1.10 == DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (2357056246) 272 days, 19:22:42.46
192.168.1.11 == DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (2356532375) 272 days, 17:55:23.75
192.168.1.12 == Timeout: No Response from 192.168.1.12.
192.168.1.13 == DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (2357103041) 272 days, 19:30:30.41
192.168.1.14 == DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (1752188152) 202 days, 19:11:21.52
192.168.1.15 == DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (2357105237) 272 days, 19:30:52.37
… …

Improve the script to list the servers rebooted less 1 day

#!/bin/bash

NET=192.168.1
COM=public

for i in `seq 2 254`

do
  if snmpget -v 1 -c $COM $NET.$i system.sysUpTime.0 2>/dev/null|grep -v day > /dev/null
  then
    echo -n “$NET.$i == “
    snmpget -v 1 -c $COM $NET.$i system.sysUpTime.0 |grep -v day|awk ‘{print $5}’
  fi
done

Run again, the result is
192.168.1.2 == 4:50:23.73
192.168.1.4 == 4:50:13.28
192.168.1.5 == 4:50:13.69
192.168.1.18 == 4:49:47.37
192.168.1.19 == 4:50:09.00
192.168.1.22 == 4:49:38.64
192.168.1.28 == 4:49:47.55
192.168.1.31 == 4:50:53.22
192.168.1.42 == 4:50:00.35
192.168.1.62 == 4:51:41.12
192.168.1.80 == 4:50:31.65
192.168.1.110 == 4:50:39.55
192.168.1.132 == 4:51:21.66
192.168.1.143 == 4:51:27.97
192.168.1.150 == 4:50:41.75
192.168.1.166 == 4:51:32.90
192.168.1.171 == 4:50:49.12

systemd is a replacement for the System V init daemon for Linux. It is intended to provide a better framework for expressing services’ dependencies, allow more work to be done in parallel at system startup, and to reduce shell overhead. It has been used starting with Fedora 15.

On my environment, the system is Fedora 16(X86_64). I want to send my radius log to another web server per 5 second so as to monitor it conveniently.

Create the script file
# vi /usr/local/bin/radinfo

#!/bin/bash
while true
do
  ext=$(date +%y%m%d-%H%M%S)
  tail -200 /var/log/radius/radius.log > /dev/shm/radinfo
  scp /dev/shm/radinfo kezhong@192.168.1.20:/var/www/html/radinfo/r$ext
  ssh kezhong@192.168.1.20 “find /var/www/html/radinfo/ -cmin +60 -exec rm {} \;”                 
  sleep 5
done

Give it execute permission
# chmod u+x /usr/local/bin/radinfo

Create the service file
# vi /lib/systemd/system/radinfo.service

[Unit]
Description=Sending radius log to management server
After=syslog.target network.target

[Service]
Type=simple
ExecStart=/usr/local/bin/radinfo

[Install]
WantedBy=multi-user.target

Make symbolic link
# cd /etc/systemd/system/
# ln -s /lib/systemd/system/radinfo.service radinfo.service

Make systemd take notice of it
# systemctl daemon-reload

Activate a service immediately
# systemctl start radinfo.service

Enable a service to be started on bootup
# systemctl enable radinfo.service

Reference
all of systemd’s man pages

Before Installing, we purchased the license, and got User ID and License ID.

Install base CentOS 5.7(x86_64) and update
# yum update -y

Install compile tools if you didn’t install “Development Tools” and “Develoment Libraries”
# yum install gcc-c++ gcc automake -y

Remove httpd, php and mysql if you have installed them
# yum remove httpd* php* mysql* -y

Disable firewall and selinux
# iptables -F
# iptables -X
# setenforce 0

Add “AllowUsers username” to /etc/ssh/sshd_config before you log out from root
username is your real user’ name

Download installation script from DirectAdmin official website and permit it run
# wget http://directadmin.com/setup.sh
# chmod u+x setup.sh

Install DirectAdmin
# sh setup.sh
*** 64-bit OS ***

*****************************************************
*
* Have you run the pre-install commands? CTRL-C if not.
*   http://help.directadmin.com/item.php?id=354
*
*****************************************************
Please enter your Client ID : xxxxx
Please enter your License ID : xxxxx
Please enter your hostname \(server.domain.com\)
It must be a Fully Qualified Domain Name
Do *not* use a domain you plan on using for the hostname:
eg. don’t use domain.com. Use server.domain.com instead.
Do not enter http:// or www

Enter your hostname (FQDN) : xxxxx.xxxxx.com
Client ID:  xxxxx
License ID: xxxxx
Hostname: xxxxx.xxxxx.com
Is this correct? (y,n) : y
The following ethernet devices/IPs were found. Please enter the name of the device you wish to use:

eth0       xxx.xxx.xxx.xxx
eth1       

Enter the device name: eth0
Is xxx.xxx.xxx.xxx the IP in your license? (y,n) : y

DirectAdmin will now be installed on: Enterprise 5.7
Is this correct? (must match license) (y,n) : y

You now have 2 options for your apache/php setup.

1: customapache: end-of-life software. Includes Apache 1.3, php 4 and frontpage.  **Not recommended**.  Will not work with newer OSs. Limited tech support.
2: custombuild 1.1:  newer software (recommended). Includes any Apache version, php 4, 5, or both in cli and/or suphp. Frontpage not available.
                 Post any issues with custombuild to the forum: http://www.directadmin.com/forum/forumdisplay.php?f=61

Enter your choice (1 or 2): 2
You have chosen custombuild 1.1.
–2011-11-11 14:47:00–  http://files.directadmin.com/services/custombuild/1.1/custombuild/build
Resolving files.directadmin.com… 216.144.254.90, 69.30.193.202
Connecting to files.directadmin.com|216.144.254.90|:80… connected.
HTTP request sent, awaiting response… 200 OK
Length: 289046 (282K) [text/plain]
Saving to: `/usr/local/directadmin/custombuild/build’

100%[=================================================================================================>] 289,046      855K/s   in 0.3s    

2011-11-11 14:47:01 (855 KB/s) – `/usr/local/directadmin/custombuild/build’ saved [289046/289046]

Would you like the default settings of apache 2.2 and php 5 cli? (y/n): y
Using the default settings for custombuild.
Would you like to search for the fastest download mirror? (y/n): y

…………

make: *** [all-recursive] Error 1
*******************************************
*******************************************

Cannot find /usr/local/bin/php
Please recompile php with custombuild, eg:
cd /usr/local/directadmin/custombuild
./build all d

This appears to be a 64-bit system.
a common cause of http/php compile failures is mentioned here:
http://help.directadmin.com/item.php?id=213

If you’re running CentOS (not freebsd or debian) and applies to you, then type:

ln -sf /usr/lib64/libexpat.so /usr/lib/libexpat.so
ln -sf /usr/lib64/libm.so /usr/lib/libm.so
ln -sf /usr/lib64/libssl.so /usr/lib/libssl.so
cd /usr/local/directadmin/custombuild
./build all d

*******************************************
*******************************************

# ln -sf /usr/lib64/libexpat.so /usr/lib/libexpat.so
# ln -sf /usr/lib64/libm.so /usr/lib/libm.so
# ln -sf /usr/lib64/libssl.so /usr/lib/libssl.so
# cd /usr/local/directadmin/custombuild
# ./build all d

Restart the httpd service
# /sbin/service httpd restart
Stopping httpd:                                            [FAILED]
Starting httpd: httpd: Syntax error on line 143 of /etc/httpd/conf/httpd.conf: Syntax error on line 21 of /etc/httpd/conf/extra/httpd-vhosts.conf: Could not open configuration file /etc/httpd/conf/ips.conf: No such file or directory

# cd /usr/local/directadmin
# ./directadmin i
………..

# ./directadmin p
Permissions set

Restart the httpd service again, it will start

Accessing the Control Panel
DirectAdmin can be accessed at http://server.ip.address:2222 — use the Admin username/password specified in the setup.txt file in your scripts directory.