|
|
| (15 intermediate revisions by the same user not shown) |
| Line 1: |
Line 1: |
| {{header}} | | {{header}} |
|
| |
|
| '''Striker''' is the [[Anvil!]] dashboard and node monitoring software.
| | {{warning|1=This is an in-progress document. Do not expect anything here to be accurate or correct. This warning will be removed when the guide is completed. You can track the progress on [https://github.com/digimer/striker Striker's Github] page.}} |
|
| |
|
| * The Dashboard loads onto monitoring devices and is used to control one or more Anvil! clusters and it's servers.
| | ''Striker'' is the [[Anvil!]] web-based dashboard. |
| * The Monitor loads onto Anvil! nodes and monitors an individual node's hardware, it's view of the cluster software and shared foundation pack devices.
| |
|
| |
|
| = Dashboard =
| | It's goal is to reduce the potential for human errors causing availability interruptions by simplifying the interface as much as possible. With it, you can build, maintain and replace other dashboards and ''Anvil!'' nodes, as well as build ''Anvil!' systems from scratch. |
|
| |
|
| To come later
| | ''Striker'' dashboards also act as a ''[[ScanCore]]'' database. Two or more ''Striker'' dashboards will work together to make the ''ScanCore'' data resilient by handling replication of the data and n-way resync automatically to update new or rebooted dashboards. |
|
| |
|
| == Install Striker ==
| | * [[Build an Anvil! - Detailed]] - or - [[Build an Anvil! - Cookbook]] |
|
| |
|
| === Requirements === | | = Manual = |
|
| |
|
| * A machine with two wired network interfaces, one to the [[BCN]] and one to the [[IFN]]. | | * Version [[Striker v2.0|2.0]] |
| * [[RHEL]], [[CentOS]] or similar version 6.x (6.5 or higher recommended).
| |
| ** Minimal install is sufficient, provided you install <span class="code">perl</span>.
| |
| ** The installer will install everything else it needs.
| |
| | |
| <syntaxhighlight lang="bash">
| |
| yum install perl
| |
| </syntaxhighlight>
| |
| <syntaxhighlight lang="text">
| |
| <yum output>
| |
| </syntaxhighlight>
| |
| | |
| This install document will be using a fresh, minimal install of CentOS 6.5.
| |
| | |
| === Getting the Install Script ===
| |
| | |
| The Striker installer needs to be downloaded. To account for minimal installs where <span class="code">wget</span> is not available, we'll use <span class="code">curl</span> instead which is always available.
| |
| | |
| <syntaxhighlight lang="bash">
| |
| curl https://raw.githubusercontent.com/digimer/an-cdb/master/striker-installer > striker-installer
| |
| </syntaxhighlight>
| |
| <syntaxhighlight lang="text">
| |
| % Total % Received % Xferd Average Speed Time Time Time Current
| |
| Dload Upload Total Spent Left Speed
| |
| 100 96104 100 96104 0 0 148k 0 --:--:-- --:--:-- --:--:-- 318k
| |
| </syntaxhighlight>
| |
| <syntaxhighlight lang="bash">
| |
| chmod 755 striker-installer
| |
| ls -lah ./striker-installer
| |
| </syntaxhighlight>
| |
| <syntaxhighlight lang="text">
| |
| -rwxr-xr-x. 1 root root 94K Sep 1 17:55 ./striker-installer
| |
| </syntaxhighlight>
| |
| | |
| === Using the Install Script ===
| |
| | |
| The install script works by taking command line switches. You can get a better explanation of the switches by running <span class="code">./striker-installer -h
| |
| </span>.
| |
| | |
| The Striker installer configures the system as well as load the striker software. So we're going to tell it what host name, IP addresses and credentials to use.
| |
| | |
| In this tutorial, I am building a new Striker dashboard machine I will call <span class="code">an-m03.alteeve.ca</span>. I will be setting the following values:
| |
| | |
| {|class="wikitable"
| |
| !Parameter
| |
| !Switch
| |
| !Value
| |
| !Description
| |
| |-
| |
| |[[Back-Channel Network]]
| |
| |class="code"|-b
| |
| |class="code"|10.20.4.3/16
| |
| |Sets the [[BCN]] IP address and subnet mask.
| |
| |-
| |
| |[[Internet-Facing Network]]
| |
| |class="code"|-i
| |
| |class="code"|10.255.4.3/16,dg=10.255.255.254,dns1=8.8.8.8,dns2=8.8.4.4
| |
| |Sets the [[IFN]] IP address, subnet mask, default gateway and DNS servers.
| |
| |-
| |
| |Host name
| |
| |class="code"|-n
| |
| |class="code"|an-m03.alteeve.ca
| |
| |Sets the host name of the Striker dashboard machine.
| |
| |-
| |
| |Dashboard Owner
| |
| |class="code"|-c
| |
| |class="code"|Alteeve's Niche!
| |
| |This sets the name used on the password prompt when connecting to the dashboard. It reflects the owner/manager of the dashboard and is usually a company or organization name.
| |
| |-
| |
| |Email server user and password
| |
| |class="code"|-e
| |
| |class="code"|digimer@example.com:super secret password
| |
| |This is the email account user name and password that will be used later when sending alert emails from nodes.
| |
| |-
| |
| |Mail server details
| |
| |class="code"|-m
| |
| |class="code"|mail.example.com:587
| |
| |This is the mail server address and port that will be used later when sending alert emails from nodes. It is against this server that the user name and password defined in <span class="code">-e</span> will be used.
| |
| |-
| |
| |Striker user and password
| |
| |class="code"|-u
| |
| |class="code"|admin:another secret password
| |
| |This sets the user name and password that users will use when connecting to the dashboard. {{note|1=The password defined here will be used to set the <span class="code">root</span> user's password on the Striker dashboard itself. If you want these passwords to be different, please be sure to change it when the installer finished running.}}
| |
| |}
| |
| | |
| {{note|1=If you have already configured the network, please skip the <span class="code">-b</span> and <span class="code">-i</span> switches. If you have already configured the host name, please skip the <span class="code">-n</span> switch.}}
| |
| | |
| {{note|1=This is a standard <span class="code">[[bash]]</span> call, so please be sure to quote anything with spaces and to escape special characters like <span class="code">!</span>.}}
| |
| | |
| Knowing this, the installer command will be:
| |
| | |
| <syntaxhighlight lang="bash">
| |
| ./striker-installer \
| |
| -b 10.20.4.3/16 \
| |
| -i 10.255.4.3/16,dg=10.255.255.254,dns1=8.8.8.8,dns2=8.8.4.4 \
| |
| -n an-m03.alteeve.ca \
| |
| -c "Alteeve's Niche\!" \
| |
| -e "digimer@example.com:super secret password" \
| |
| -m mail.example.com:587 \
| |
| -u "admin:another secret password"
| |
| </syntaxhighlight>
| |
| | |
| === Running the installer ===
| |
| | |
| We're specifying <span class="code">-b</span> and <span class="code">-i</span>, so the installer won't be totally autonomous. It will pause to prompt us to unplug the network cable going to the physical interface that we want to make the [[Back-Channel Network]] and the [[Internet-Facing Network]] links. Once the mapping of the interfaces is confirmed, the installer will finish running without further input.
| |
| | |
| <syntaxhighlight lang="bash">
| |
| ./striker-installer \
| |
| -b 10.20.4.3/16 \
| |
| -i 10.255.4.3/16,dg=10.255.255.254,dns1=8.8.8.8,dns2=8.8.4.4 \
| |
| -n an-m03.alteeve.ca \
| |
| -c "Alteeve's Niche\!" \
| |
| -e "digimer@example.com:super secret password" \
| |
| -m mail.example.com:587 \
| |
| -u "admin:another secret password"
| |
| </syntaxhighlight>
| |
| <syntaxhighlight lang="text">
| |
| ##############################################################################
| |
| # ___ _ _ _ The Anvil! Dashboard #
| |
| # / __| |_ _ _(_) |_____ _ _ -=] Installer #
| |
| # \__ \ _| '_| | / / -_) '_| #
| |
| # |___/\__|_| |_|_\_\___|_| #
| |
| # https://alteeve.ca/w/Striker #
| |
| ##############################################################################
| |
| | |
| [ Note ] - No specific version requested, will install: [1.1.5]
| |
| Sanity checks complete.
| |
| | |
| Checking the operating system to ensure it is compatible.
| |
| - We're on a RHEL (based) OS, good. Checking version.
| |
| - Looks good! You're on: [6.5]
| |
| Done.
| |
| | |
| Backing up some network related system files.
| |
| - The backup directory: [/root/anvil] doesn't exist, creting it.
| |
| - Backup directory successfully created.
| |
| - Backing up: [/etc/udev/rules.d/70-persistent-net.rules]
| |
| - It exists, backing it up.
| |
| - Copying: [/etc/udev/rules.d/70-persistent-net.rules] to: [/root/anvil/]
| |
| - Backing up: [/etc/sysconfig/network-scripts]
| |
| - Copying: [/etc/sysconfig/network-scripts] to: [/root/anvil/]
| |
| Done.
| |
| | |
| Making sure all network interfaces are up.
| |
| - The network interface: [eth1] is down. It must be started for the next stage.
| |
| - Checking if: [/etc/sysconfig/network-scripts/ifcfg-eth1] exists.
| |
| - Config file exists, changing BOOTPROTO to 'none'.
| |
| - Attempting to bring up: [eth1]...
| |
| - Checking to see if it is up now.
| |
| - The interface: [eth1] is now up!
| |
| Done.
| |
| | |
| -=] Configuring network to enable access to Anvil! systems.
| |
| | |
| Beginning NIC identification...
| |
| - Please unplug the interface you want to make:
| |
| - [Back-Channel Network, Link 1]
| |
| </syntaxhighlight>
| |
| | |
| {{note|1=If you are running the installer over the network, you will not see any output when you unplug the active cable. That is ok, just wait a second and then plug it back in.}}
| |
| | |
| Unplug the network cable going to the physical interface that you want to use to connect to the [[BCN]].
| |
| | |
| <syntaxhighlight lang="text">
| |
| - NIC with MAC: [02:0c:9d:02:a0:9e] will become: [bcn-link1]
| |
| - (it is currently: [eth1])
| |
| - Please plug in all network cables to proceed.
| |
| </syntaxhighlight>
| |
| | |
| Now plug it back in again.
| |
| | |
| <syntaxhighlight lang="text">
| |
| - Please unplug the interface you want to make:
| |
| - [Internet-Facing Network, Link 1]
| |
| </syntaxhighlight>
| |
| | |
| As before, unplug the cable going to the interface you want to use to connect to the [[IFN]].
| |
| | |
| <syntaxhighlight lang="text">
| |
| - NIC with MAC: [10:bf:48:24:69:2e] will become: [ifn-link1]
| |
| - (it is currently: [eth0])
| |
| - Please plug in all network cables to proceed.
| |
| </syntaxhighlight>
| |
| | |
| Plug it back in again.
| |
| | |
| {{note|1=The network configuration will be updated, but the in-use configuration will '''not''' change until the Striker machine is rebooted.}}
| |
| | |
| If you are happy with how the network will be reconfigured, press <span class="code"><enter></span>. If you want to try again, simply type <span class="code">n</span> and then press <span class="code"><enter></span>.
| |
| | |
| <syntaxhighlight lang="text">
| |
| Here is what you selected:
| |
| - Interface: [02:0C:9D:02:A0:9E], currently named: [eth1],
| |
| - will be renamed to: [bcn-link1]
| |
| - Interface: [10:BF:48:24:69:2E], currently named: [eth0],
| |
| - will be renamed to: [ifn-link1]
| |
| | |
| The Back-Channel Network interface will be set to:
| |
| - IP: [10.20.4.3]
| |
| - Netmask: [255.255.0.0]
| |
| | |
| The Internet-Facing Network interface will be set to:
| |
| - IP: [10.255.4.3]
| |
| - Netmask: [255.255.0.0]
| |
| - Gateway: [10.255.255.254]
| |
| - DNS1: [8.8.8.8]
| |
| - DNS2: [8.8.4.4]
| |
| | |
| Shall I proceed? [Y/n]
| |
| </syntaxhighlight>
| |
| | |
| Looks good, so we will proceed.
| |
| | |
| This is a good time to go make a coffee, it might take a little while to finish, particularly if this is a fresh minimal install. The installer will run OS updates as well as install all needed packages.
| |
| | |
| {{note|1=During the install of packages, it might appear that the installer has hung. Please be patient! Buffering causes output to not be shown for a while. It is extremely unlikely that the installer has hung, and waiting is usually all that is needed.}}
| |
| | |
| <syntaxhighlight lang="text">
| |
| - Thank you, I will start to work now.
| |
| | |
| Writing the new udev rules file: [/etc/udev/rules.d/70-persistent-net.rules]
| |
| Done.
| |
| | |
| Deleting old network configuration files:
| |
| - Deleting file: [/etc/sysconfig/network-scripts/ifcfg-eth1]
| |
| - Deleting file: [/etc/sysconfig/network-scripts/ifcfg-wlan0]
| |
| - Deleting file: [/etc/sysconfig/network-scripts/ifcfg-eth0]
| |
| Done.
| |
| | |
| Writing new network configuration files.
| |
| - IFN Link 1: [/etc/sysconfig/network-scripts/ifcfg-ifn-link1]
| |
| - BCN Link 1: [/etc/sysconfig/network-scripts/ifcfg-bcn-link1]
| |
| Done.
| |
| | |
| Configuring this system's host name.
| |
| - Reading in the existing hostname file.
| |
| - Writing out the new version.
| |
| Done.
| |
| | |
| -=] Beginning configuration and installation processes now. [=-
| |
| | |
| Checking if anything needs to be installed.
| |
| - The AN!Repo hasn't been added yet, adding it now.
| |
| - Added. Clearing yum's cache.
| |
| - output: [Loaded plugins: fastestmirror]
| |
| - output: [Cleaning repos: an-repo base extras updates]
| |
| - output: [Cleaning up Everything]
| |
| - Done!
| |
| </syntaxhighlight>
| |
| | |
| The OS will update at this point. If there are a lot of updates needed, this could take a while.
| |
| | |
| <syntaxhighlight lang="text">
| |
| ==============================================================================
| |
| Loaded plugins: fastestmirror
| |
| Determining fastest mirrors
| |
| * base: less.cogeco.net
| |
| * extras: less.cogeco.net
| |
| * updates: centos.bhs.mirrors.ovh.net
| |
| Setting up Update Process
| |
| Resolving Dependencies
| |
| --> Running transaction check
| |
| | |
| <snip>
| |
| | |
| Complete!
| |
| ==============================================================================
| |
| Done.
| |
| | |
| Getting a list of currently installed packages.
| |
| - ............................................................................
| |
| - .............................................................................
| |
| - ...............................................................
| |
| Done!
| |
| | |
| Checking to see if any packages need to be installed.
| |
| - Package: [acpid] needs to be installed.
| |
| - Package: [ccs] needs to be installed.
| |
| - Package: [cyrus-sasl] already installed.
| |
| - Package: [cyrus-sasl-plain] needs to be installed.
| |
| - Package: [expect] needs to be installed.
| |
| - Package: [fence-agents] needs to be installed.
| |
| - Package: [guacd] needs to be installed.
| |
| - Package: [httpd] needs to be installed.
| |
| - Package: [libcdio] needs to be installed.
| |
| - Package: [libguac-client-rdp] needs to be installed.
| |
| - Package: [libguac-client-ssh] needs to be installed.
| |
| - Package: [libguac-client-vnc] needs to be installed.
| |
| - Package: [man] needs to be installed.
| |
| - Package: [mlocate] needs to be installed.
| |
| - Package: [mod_ssl] needs to be installed.
| |
| - Package: [ntp] needs to be installed.
| |
| - Package: [openssl-devel] needs to be installed.
| |
| - Package: [perl-CGI] needs to be installed.
| |
| - Package: [perl-CPAN] needs to be installed.
| |
| - Package: [perl-Net-SSH2] needs to be installed.
| |
| - Package: [perl-Net-SSLeay] needs to be installed.
| |
| - Package: [perl-TermReadKey] needs to be installed.
| |
| - Package: [perl-Test-Simple] needs to be installed.
| |
| - Package: [perl-YAML-Tiny] needs to be installed.
| |
| - Package: [policycoreutils-python] needs to be installed.
| |
| - Package: [postfix] already installed.
| |
| - Package: [rsync] needs to be installed.
| |
| - Package: [screen] needs to be installed.
| |
| - Package: [syslinux] needs to be installed.
| |
| - Package: [tomcat6] needs to be installed.
| |
| - Package: [vim-common] needs to be installed.
| |
| - Package: [wget] needs to be installed.
| |
| - Done
| |
| </syntaxhighlight>
| |
| | |
| As with the operating system updates above, if many packages need to be installed, this could take a while.
| |
| | |
| <syntaxhighlight lang="text">
| |
| Installing missing packages now. Please be patient.
| |
| ==============================================================================
| |
| Loaded plugins: fastestmirror
| |
| Loading mirror speeds from cached hostfile
| |
| * base: less.cogeco.net
| |
| * extras: less.cogeco.net
| |
| * updates: centos.bhs.mirrors.ovh.net
| |
| Setting up Install Process
| |
| Resolving Dependencies
| |
| --> Running transaction check
| |
| | |
| <snip>
| |
| | |
| Complete!
| |
| ==============================================================================
| |
| Done.
| |
| | |
| Getting a list of currently installed packages.
| |
| - ............................................................................
| |
| - .............................................................................
| |
| - .............................................................................
| |
| - .............................................................................
| |
| - .............................................................................
| |
| - .................
| |
| Done!
| |
| | |
| Verifying that everything is installed now.
| |
| - Package: [acpid] installed.
| |
| - Package: [ccs] installed.
| |
| - Package: [cyrus-sasl] installed.
| |
| - Package: [cyrus-sasl-plain] installed.
| |
| - Package: [expect] installed.
| |
| - Package: [fence-agents] installed.
| |
| - Package: [guacd] installed.
| |
| - Package: [httpd] installed.
| |
| - Package: [libcdio] installed.
| |
| - Package: [libguac-client-rdp] installed.
| |
| - Package: [libguac-client-ssh] installed.
| |
| - Package: [libguac-client-vnc] installed.
| |
| - Package: [man] installed.
| |
| - Package: [mlocate] installed.
| |
| - Package: [mod_ssl] installed.
| |
| - Package: [ntp] installed.
| |
| - Package: [openssl-devel] installed.
| |
| - Package: [perl-CGI] installed.
| |
| - Package: [perl-CPAN] installed.
| |
| - Package: [perl-Net-SSH2] installed.
| |
| - Package: [perl-Net-SSLeay] installed.
| |
| - Package: [perl-TermReadKey] installed.
| |
| - Package: [perl-Test-Simple] installed.
| |
| - Package: [perl-YAML-Tiny] installed.
| |
| - Package: [policycoreutils-python] installed.
| |
| - Package: [postfix] installed.
| |
| - Package: [rsync] installed.
| |
| - Package: [screen] installed.
| |
| - Package: [syslinux] installed.
| |
| - Package: [tomcat6] installed.
| |
| - Package: [vim-common] installed.
| |
| - Package: [wget] installed.
| |
| - All required packages are now installed.
| |
| </syntaxhighlight>
| |
| | |
| If everything installed properly, the latest version of Striker will be downloaded (if needed) and installed.
| |
| | |
| <syntaxhighlight lang="text">
| |
| Downloading Striker, if needed.
| |
| - Downloading version: [1.1.5] from: [https://github.com/digimer/an-cdb/archive/1.1.5.tar.gz]
| |
| ==============================================================================
| |
| --2014-09-01 19:36:27-- https://github.com/digimer/an-cdb/archive/1.1.5.tar.gz
| |
| Resolving github.com... 192.30.252.131
| |
| Connecting to github.com|192.30.252.131|:443... connected.
| |
| HTTP request sent, awaiting response... 302 Found
| |
| Location: https://codeload.github.com/digimer/an-cdb/tar.gz/1.1.5 [following]
| |
| --2014-09-01 19:36:27-- https://codeload.github.com/digimer/an-cdb/tar.gz/1.1.5
| |
| Resolving codeload.github.com... 192.30.252.147
| |
| Connecting to codeload.github.com|192.30.252.147|:443... connected.
| |
| HTTP request sent, awaiting response... 200 OK
| |
| Length: unspecified [application/x-gzip]
| |
| Saving to: `1.1.5.tar.gz'
| |
| | |
| [ <=> ] 1,437,924 1.24M/s in 1.1s
| |
| | |
| 2014-09-01 19:36:29 (1.24 MB/s) - `1.1.5.tar.gz' saved [1437924]
| |
| | |
| ==============================================================================
| |
| - Download complete.
| |
| - Extracting: [1.1.5.tar.gz]
| |
| - Output: [an-cdb-1.1.5/]
| |
| - Output: [an-cdb-1.1.5/CHANGELOG]
| |
| - Output: [an-cdb-1.1.5/README.md]
| |
| - Output: [an-cdb-1.1.5/an-cluster_setup.pl]
| |
| - Output: [an-cdb-1.1.5/an.conf]
| |
| - Output: [an-cdb-1.1.5/anvil_setup]
| |
| - Output: [an-cdb-1.1.5/cgi-bin/]
| |
| - Output: [an-cdb-1.1.5/cgi-bin/an-cdb]
| |
| - Output: [an-cdb-1.1.5/cgi-bin/an-cdb.lib]
| |
| - Output: [an-cdb-1.1.5/cgi-bin/an-cluster.lib]
| |
| - Output: [an-cdb-1.1.5/cgi-bin/an-mc]
| |
| - Output: [an-cdb-1.1.5/cgi-bin/an-mc.lib]
| |
| - Output: [an-cdb-1.1.5/cgi-bin/common.lib]
| |
| - Output: [an-cdb-1.1.5/cgi-bin/common.xml]
| |
| - Output: [an-cdb-1.1.5/cgi-bin/strings.xml]
| |
| - Output: [an-cdb-1.1.5/guacamole/]
| |
| - Output: [an-cdb-1.1.5/guacamole/README]
| |
| - Output: [an-cdb-1.1.5/guacamole/guacamole-0.9.2.war]
| |
| - Output: [an-cdb-1.1.5/guacamole/guacamole-auth-noauth-0.9.2.jar]
| |
| - Output: [an-cdb-1.1.5/guacamole/guacamole.properties]
| |
| - Output: [an-cdb-1.1.5/guacamole/noauth-config.xml]
| |
| - Output: [an-cdb-1.1.5/html/]
| |
| - Output: [an-cdb-1.1.5/html/an-cdb.css]
| |
| - Output: [an-cdb-1.1.5/html/an-cdb.js]
| |
| - Output: [an-cdb-1.1.5/html/favicon.ico]
| |
| - Output: [an-cdb-1.1.5/html/index.html]
| |
| - Output: [an-cdb-1.1.5/html/jquery-latest.js]
| |
| - Output: [an-cdb-1.1.5/html/skins/]
| |
| - Output: [an-cdb-1.1.5/html/skins/alteeve/]
| |
| - Output: [an-cdb-1.1.5/html/skins/alteeve/common.css]
| |
| - Output: [an-cdb-1.1.5/html/skins/alteeve/common.html]
| |
| - Output: [an-cdb-1.1.5/html/skins/alteeve/common.js]
| |
| - Output: [an-cdb-1.1.5/html/skins/alteeve/config.html]
| |
| - Output: [an-cdb-1.1.5/html/skins/alteeve/images/]
| |
| - Output: [an-cdb-1.1.5/html/skins/alteeve/images/anvil-url_16x16.png]
| |
| - Output: [an-cdb-1.1.5/html/skins/alteeve/images/back.png]
| |
| - Output: [an-cdb-1.1.5/html/skins/alteeve/images/gather_info.gif]
| |
| - Output: [an-cdb-1.1.5/html/skins/alteeve/images/hard-drive-with-led_128x128.png]
| |
| - Output: [an-cdb-1.1.5/html/skins/alteeve/images/hard-drive_128x128.png]
| |
| - Output: [an-cdb-1.1.5/html/skins/alteeve/images/icon_clear-fields_16x16.png]
| |
| - Output: [an-cdb-1.1.5/html/skins/alteeve/images/icon_server-desktop_n01.png]
| |
| - Output: [an-cdb-1.1.5/html/skins/alteeve/images/icon_server-desktop_n02.png]
| |
| - Output: [an-cdb-1.1.5/html/skins/alteeve/images/icon_server-desktop_offline.png]
| |
| - Output: [an-cdb-1.1.5/html/skins/alteeve/images/icon_server-desktop_oops.png]
| |
| - Output: [an-cdb-1.1.5/html/skins/alteeve/images/logo_striker_01.png]
| |
| - Output: [an-cdb-1.1.5/html/skins/alteeve/images/raid_battery_128x128.png]
| |
| - Output: [an-cdb-1.1.5/html/skins/alteeve/images/raid_controller_128x128.png]
| |
| - Output: [an-cdb-1.1.5/html/skins/alteeve/images/raid_logical-disk_128x128.png]
| |
| - Output: [an-cdb-1.1.5/html/skins/alteeve/images/refresh.png]
| |
| - Output: [an-cdb-1.1.5/html/skins/alteeve/images/t.png]
| |
| - Output: [an-cdb-1.1.5/html/skins/alteeve/jquery-latest.js]
| |
| - Output: [an-cdb-1.1.5/html/skins/alteeve/lsi-storage.html]
| |
| - Output: [an-cdb-1.1.5/html/skins/alteeve/main-page.html]
| |
| - Output: [an-cdb-1.1.5/html/skins/alteeve/media-library.html]
| |
| - Output: [an-cdb-1.1.5/html/skins/alteeve/select-anvil.html]
| |
| - Output: [an-cdb-1.1.5/html/skins/alteeve/server.html]
| |
| - Output: [an-cdb-1.1.5/striker-installer]
| |
| - Output: [an-cdb-1.1.5/tools/]
| |
| - Output: [an-cdb-1.1.5/tools/99-an-usb.rules]
| |
| - Output: [an-cdb-1.1.5/tools/an-cluster_setup.pl]
| |
| - Output: [an-cdb-1.1.5/tools/an-cm]
| |
| - Output: [an-cdb-1.1.5/tools/an-cm.lib]
| |
| - Output: [an-cdb-1.1.5/tools/an-usb-insert]
| |
| - Output: [an-cdb-1.1.5/tools/an-usb-remove]
| |
| - Output: [an-cdb-1.1.5/tools/an-usb.conf]
| |
| - Output: [an-cdb-1.1.5/tools/an-usb.lib]
| |
| - Output: [an-cdb-1.1.5/tools/archive_an-cm.log.sh]
| |
| - Output: [an-cdb-1.1.5/tools/archive_megasas.log.sh]
| |
| - Output: [an-cdb-1.1.5/tools/backup_node_config.sh]
| |
| - Output: [an-cdb-1.1.5/tools/bond_watch]
| |
| - Output: [an-cdb-1.1.5/tools/call_gather-system-info]
| |
| - Output: [an-cdb-1.1.5/tools/call_gather-system-info.c]
| |
| - Output: [an-cdb-1.1.5/tools/check_dvd]
| |
| - Output: [an-cdb-1.1.5/tools/check_dvd.c]
| |
| - Output: [an-cdb-1.1.5/tools/do_dd]
| |
| - Output: [an-cdb-1.1.5/tools/do_dd.c]
| |
| - Output: [an-cdb-1.1.5/tools/gather-system-info]
| |
| - Output: [an-cdb-1.1.5/tools/generate_tz_list]
| |
| - Output: [an-cdb-1.1.5/tools/oui_parser]
| |
| - Output: [an-cdb-1.1.5/tools/restart_guacd]
| |
| - Output: [an-cdb-1.1.5/tools/restart_guacd.c]
| |
| - Output: [an-cdb-1.1.5/tools/restart_tomcat6]
| |
| - Output: [an-cdb-1.1.5/tools/restart_tomcat6.c]
| |
| - Output: [an-cdb-1.1.5/tools/safe_anvil_start]
| |
| - Output: [an-cdb-1.1.5/version]
| |
| - Will use the source directory: [./an-cdb-1.1.5]
| |
| Done.
| |
| | |
| Configuring Apache.
| |
| - Backing up original files.
| |
| - Copying: [/etc/httpd] to: [/root/anvil/]
| |
| - Reading in the existing system user file.
| |
| - Writing out the new version.
| |
| - Creating the apache home directories.
| |
| - Creating: [/var/www/home].
| |
| - Creating: [/var/www/home/archive].
| |
| - Creating: [/var/www/home/cache].
| |
| - Creating: [/var/www/home/media].
| |
| - Creating: [/var/www/home/status].
| |
| - Setting ownership to: [apache:apache].
| |
| - Setting mode to: [0775].
| |
| - Setting up Striker's authentication via Apache's htpasswd...
| |
| - Generating: [admin]'s: [/var/www/home/htpasswd] password file.
| |
| Adding password for user admin
| |
| - Reading in the existing config file and adjusting as needed.
| |
| - Writing out the new version.
| |
| Done.
| |
| | |
| Configuring Tomcat.
| |
| - Backing up: [/etc/tomcat6/server.xml].
| |
| - Copying: [/etc/tomcat6/server.xml] to: [/root/anvil/]
| |
| - Reading in the existing tomcat server configuration server.
| |
| - Writing out the new version.
| |
| Done.
| |
| | |
| Configuring guacamole
| |
| - Creating the Guacamole configuration directory.
| |
| - Creating the Guacamole Tomcat directory.
| |
| - Creating the Guacamole library directory.
| |
| - Creating the Guacamole classpath directory.
| |
| - Copying the 'auth-noauth' module into place.
| |
| - Copying: [./an-cdb-1.1.5/guacamole/guacamole-auth-noauth-0.9.2.jar]
| |
| to: [/var/lib/guacamole/classpath/]
| |
| - Copying the 'auth-noauth' module into place.
| |
| - Copying: [./an-cdb-1.1.5/guacamole/noauth-config.xml]
| |
| to: [/etc/guacamole/]
| |
| - Copying: [./an-cdb-1.1.5/guacamole/guacamole-0.9.2.war]
| |
| to: [/var/lib/guacamole]
| |
| - Creating guacamole web archive symlink.
| |
| - Symlink created successfully.
| |
| - Copying: [./an-cdb-1.1.5/guacamole/guacamole.properties]
| |
| to: [/etc/guacamole/]
| |
| - Creating guacamole properties symlink.
| |
| - Symlink created successfully.
| |
| Done.
| |
| </syntaxhighlight>
| |
| | |
| The next step creates SSH keys for the <span class="code">apache</span> user. If you are installing Striker on a light-weight computer/appliance, the time needed to collect entropy could be lengthy.
| |
| | |
| <syntaxhighlight lang="text">
| |
| Configuring SSH daemon to allow faster logins.
| |
| - Backing up: [/etc/ssh/sshd_config].
| |
| - Copying: [/etc/ssh/sshd_config] to: [/root/anvil/]
| |
| - Reading in the existing ssh daemon configuration file.
| |
| - Writing out the new version.
| |
| - Generating: [apache]'s RSA keys.
| |
| [ Note ] - Please be patient! It might take time to collect entropy.
| |
| - Output: [Generating public/private rsa key pair.]
| |
| - Output: [Created directory '/var/www/home/.ssh'.]
| |
| - Output: [Your identification has been saved in /var/www/home/.ssh/id_rsa.]
| |
| - Output: [Your public key has been saved in /var/www/home/.ssh/id_rsa.pub.]
| |
| - Output: [The key fingerprint is:]
| |
| - Output: [17:f2:f3:bf:da:c9:a7:60:75:7b:2f:79:27:65:30:0e apache@an-m03.alteeve.ca]
| |
| - Output: [The key's randomart image is:]
| |
| - Output: [+--[ RSA 8191]----+]
| |
| - Output: [| |]
| |
| - Output: [| |]
| |
| - Output: [| . . |]
| |
| - Output: [| o .E o |]
| |
| - Output: [| S + o.o.|]
| |
| - Output: [| . o ...+|]
| |
| - Output: [| + =.|]
| |
| - Output: [| . =+.*|]
| |
| - Output: [| ..BBo|]
| |
| - Output: [+-----------------+]
| |
| Done.
| |
| | |
| Configuring the firewall to allow normal and secure web access.
| |
| - Backing up: [/etc/sysconfig/iptables].
| |
| - Copying: [/etc/sysconfig/iptables] to: [/root/anvil/]
| |
| - Reading the current firewall configuration.
| |
| - Opening access for standard web access.
| |
| - Opening access for secure web access.
| |
| - Saving the new iptables configuration.
| |
| Done.
| |
| | |
| Copying Striker program files into place.
| |
| - Backing up: [/var/www].
| |
| - Copying: [/var/www] to: [/root/anvil/]
| |
| - Copying HTML files and skins.
| |
| - Copying executable files and languages.
| |
| - Copying tools.
| |
| - Creating the Striker configuration directory.
| |
| - Copying base Striker configuration file.
| |
| - Copying: [./an-cdb-1.1.5/an.conf]
| |
| to: [/etc/an]
| |
| - Updating mail server values in Striker's configuration file.
| |
| - Writing out the new version.
| |
| Done.
| |
| | |
| - Creating empty Striker log file.
| |
| Done.
| |
| | |
| Setting ownership and permissions/modes on Striker files.
| |
| - On: [/var/www],
| |
| Setting ownership and mode to: [apache:apache] and: [g+w], respectively.
| |
| - On: [/etc/guacamole/noauth-config.xml],
| |
| Setting ownership and mode to: [root:apache] and: [0664], respectively.
| |
| - On: [/etc/hosts],
| |
| Setting ownership and mode to: [root:apache] and: [g+w], respectively.
| |
| - On: [/etc/ssh/ssh_config],
| |
| Setting ownership and mode to: [root:apache] and: [g+w], respectively.
| |
| - On: [/etc/an/an.conf],
| |
| Setting ownership and mode to: [apache:apache] and: [0660], respectively.
| |
| - On: [/etc/an],
| |
| Setting ownership and mode to: [apache:apache] and: [g+w], respectively.
| |
| - On: [/var/log/an-cdb.log],
| |
| Setting ownership and mode to: [apache:apache] and: [g+w], respectively.
| |
| - On: [/var/www/tools/call_gather-system-info],
| |
| Setting ownership and mode to: [root:root] and: [6755], respectively.
| |
| - On: [/var/www/tools/check_dvd],
| |
| Setting ownership and mode to: [root:root] and: [6755], respectively.
| |
| - On: [/var/www/tools/do_dd],
| |
| Setting ownership and mode to: [root:root] and: [6755], respectively.
| |
| - On: [/var/www/tools/restart_guacd],
| |
| Setting ownership and mode to: [root:root] and: [6755], respectively.
| |
| - On: [/var/www/tools/restart_tomcat6],
| |
| Setting ownership and mode to: [root:root] and: [6755], respectively.
| |
| Done.
| |
| </syntaxhighlight>
| |
| | |
| All of the services that are set to be stopped will be told to stop. If those services are not installed, they will throw a harmless error.
| |
| | |
| Similarly, all services set to be enables will be restarted. If they were not running yet, then you will see a harmless <span class="code">[FAILED]</span> message on the stop portion of the restart.
| |
| | |
| <syntaxhighlight lang="text">
| |
| Configuring daemons to start/stop on boot and start/stop daemons.
| |
| - Disabling: [ip6tables] on boot and stopping it.
| |
| - Output: [ip6tables: Setting chains to policy ACCEPT: filt[ OK ]]
| |
| - Output: [ip6tables: Flushing firewall rules: [ OK ]]
| |
| - Output: [ip6tables: Unloading modules: [ OK ]]
| |
| - Enabling: [iptables] on boot and (re)starting it.
| |
| - Output: [iptables: Setting chains to policy ACCEPT: filte[ OK ]]
| |
| - Output: [iptables: Flushing firewall rules: [ OK ]]
| |
| - Output: [iptables: Unloading modules: [ OK ]]
| |
| - Output: [iptables: Applying firewall rules: [ OK ]]
| |
| - Enabling: [httpd] on boot and (re)starting it.
| |
| - Output: [Stopping httpd: [FAILED]]
| |
| httpd: apr_sockaddr_info_get() failed for an-m03.alteeve.ca
| |
| httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
| |
| - Output: [Starting httpd: [ OK ]]
| |
| - Enabling: [haldaemon] on boot and (re)starting it.
| |
| - Output: [Stopping HAL daemon: [FAILED]]
| |
| - Output: [Starting HAL daemon: [FAILED]]
| |
| - Enabling: [acpid] on boot and (re)starting it.
| |
| - Output: [Stopping acpi daemon: [FAILED]]
| |
| - Output: [Starting acpi daemon: [ OK ]]
| |
| - Enabling: [tomcat6] on boot and (re)starting it.
| |
| - Output: [Stopping tomcat6: [ OK ]]
| |
| - Output: [Starting tomcat6: [ OK ]]
| |
| - Enabling: [guacd] on boot and (re)starting it.
| |
| - Output: [Stopping guacd: [FAILED]]
| |
| guacd[11178]: INFO: Guacamole proxy daemon (guacd) version 0.9.2
| |
| guacd[11178]: INFO: Successfully bound socket to host ::1, port 4822
| |
| guacd[11178]: INFO: Exiting and passing control to PID 11179
| |
| guacd[11179]: INFO: Exiting and passing control to PID 11180
| |
| - Output: [Starting guacd: [ OK ]]
| |
| - Enabling: [ntpd] on boot and (re)starting it.
| |
| - Output: [Shutting down ntpd: [FAILED]]
| |
| - Output: [Starting ntpd: [ OK ]]
| |
| Done.
| |
| | |
| Making sure that selinux is permissive.
| |
| - Backing up: [/etc/selinux/config].
| |
| - Copying: [/etc/selinux/config] to: [/root/anvil/]
| |
| - Reading in the existing selinux config file.
| |
| - Setting selinux to 'permissive'.
| |
| - Writing out the new version.
| |
| Done.
| |
| | |
| Setting root user's password.
| |
| - Output: [Changing password for user root.]
| |
| - Output: [passwd: all authentication tokens updated successfully.]
| |
| Done!
| |
| | |
| ##############################################################################
| |
| # NOTE: Your 'root' user password is now the same as the Striker user's #
| |
| # password you just specified. If you want a different password, #
| |
| # change it now with 'passwd'! #
| |
| ##############################################################################
| |
| | |
| | |
| [ Warning ] - You may need to reboot the network if the network interfances
| |
| [ Warning ] - were renamed. Simply restarting the network will likely not
| |
| [ Warning ] - work.
| |
| | |
| Installation of Striker is complete!
| |
| </syntaxhighlight>
| |
| | |
| As you see in the final '''note''', the <span class="code">root</span> user's password was changed. If you want the dashboard's <span class="code">root</span> password to differ from the main striker password, be sure to call <span class="code">passwd</span> to change it.
| |
| | |
| In this install, a new kernel was installed during the OS update process and the network interfaces were renamed. So we need to restart the dashboard.
| |
| | |
| <syntaxhighlight lang="bash">
| |
| reboot
| |
| </syntaxhighlight>
| |
| <syntaxhighlight lang="text">
| |
| Broadcast message from root@an-m03.alteeve.ca
| |
| (/dev/pts/0) at 19:55 ...
| |
| | |
| The system is going down for reboot NOW!
| |
| [root@localhost ~]# Connection to 10.255.1.10 closed by remote host.
| |
| Connection to 10.255.1.10 closed.
| |
| </syntaxhighlight>
| |
| | |
| When the dashboard server boots back up, you will be able to connect to it using your favourite web browser.
| |
| | |
| = Configuring a New Striker Dashboard =
| |
| | |
| {{note|1=I prefer to use host names instead of IP addresses. As such, I have added the hostname <span class="code">an-m03</span> to my <span class="code">/etc/hosts</span> file, which I will use for the rest of this tutorial. You are free to use the raw IP address if you wish.}}
| |
| | |
| {{note|1=There is '''no default password'''. If you forget your password, you will need to re-run the install script with the <span class="code">-u "user:password"</span> switch to reset it.}}
| |
| | |
| When you first connect to the new dashboard, you will be prompted for a user name and password. Use the values you set with the <span class="code">-u</span> switch during the install. Once logged in, you will be told that no ''Anvil!'' systems have been defined.
| |
| | |
| {|class="wikitable"
| |
| |[[Image:striker_first-connect.png|center|400px|thumb|Credential prompt.]]
| |
| |[[Image:striker_new-dashboard.png|center|400px|thumb|New Dashboard!]]
| |
| |}
| |
| | |
| The first thing to do is the click on <span class="code">Manage</span> and make sure the global variables are set the way you like. These control how mail is delivered and will be used for all ''Anvil!'' systems you define, unless you provide an override for a given ''Anvil!''.
| |
| | |
| {|class="wikitable"
| |
| |[[Image:striker_initial-global-variable-form.png|center|400px|thumb|Configure global values.]]
| |
| |[[Image:striker_updating-initial-global-variables.png|center|400px|thumb|Updating the global <span class="code"></span>Alert Recipient(s).]]
| |
| |[[Image:striker_saving-changes-to-global-variables.png|center|400px|thumb|Saving changes to the global variables.]]
| |
| |}
| |
| | |
| Now that the global variables are set, let's add our first ''Anvil!'' system!
| |
| | |
| {|class="wikitable"
| |
| |[[Image:striker_click-on-new-anvil-button.png|center|400px|thumb|Click on the '<span class="code">New</span>' button to add our first ''Anvil!''.]]
| |
| |[[Image:striker_configure-first-anvil.png|center|400px|thumb|Add the information for the first ''Anvil!''.]]
| |
| |[[Image:striker_saving-first-anvil.png|center|400px|thumb|Global variables are fine for this ''Anvil!'', so no overrides are set. Click on '<span class="code">Save</span>'.]]
| |
| |-
| |
| |[[Image:striker_first-anvil-saved.png|center|400px|thumb|Your first ''Anvil!'' has been added!]]
| |
| |[[Image:striker_editing-first-anvil.png|center|400px|thumb|You can now edit or delete this ''Anvil!'' if you wish.]]
| |
| |[[Image:striker_first-anvil-added.png|center|400px|thumb|Back on the main configuration page, we see our ''Anvil!'' now.]]
| |
| |}
| |
| | |
| {{note|1=To delete an ''Anvil!'' from your dashboard, open it as if you were going to edit it and click on the small red "x" icon, which will clear the form. Save the now-empty form and that ''Anvil!'' will be removed.}}
| |
| | |
| Now when you go back to the main page, you will see the newly added ''Anvil!'' in the list where the "<span class="code">New</span>" massage was. Click on the name of your newly added ''Anvil!'' and, assuming everything was entered correctly, you will be able to manage it right away!
| |
| | |
| {|class="wikitable"
| |
| |[[Image:striker_connecting-to-the-new-anvil.png|center|400px|thumb|Once selected, we're in. Pretty easy, eh?]]
| |
| |}
| |
| | |
| If you only have one ''Anvil!'' defined, future connections to the dashboard will immediately select it. If you want to get back to the configuration menu, simply click on the title logo.
| |
| | |
| <span class="code"></span>
| |
| <syntaxhighlight lang="bash">
| |
| </syntaxhighlight>
| |
| <syntaxhighlight lang="text">
| |
| </syntaxhighlight>
| |
| | |
| = Monitor =
| |
| | |
| The monitor application is based around a "[[Striker API]]". The monitor itself acts as a daemon that calls scanner agents it finds inn the <span class="code">cgi-bin/scan.d</span> directory.
| |
|
| |
|
| {{footer}} | | {{footer}} |
