October 12th, 2009
There is a lot of monitor software. All of them allow you to kept the server statistic for future analysis. Some of them even alert you when you server is going down or breach some value.
A lot of people asking the same question. We knew that we need to monitor the server, keep the eyes on it, act when it down. But which one is the right value that we need to keep the eyes on it?
Here is some of my suggestion:
- Process Utilization, this will tell you about the work load of your server. If it go over 50%, consider to optimize your application.
- Disk Queue Length, this will tell you about the waiting time. If it go over 2, consider to check your hard drive healthy. If your hard drive is functional well, consider to increase number of disk.
- Swap allocation, on the unix environment it is not normal to have a swap file allocate. Please consider to increase amount of server memory once you saw swap file allocated.
- TCP connection, if you’re running the web server and having huge of TCP SYN-sent, check your web server. Your server may infect with some sort of botnet that user your server keep trying to connect to the other server.
There is some parameter that your may consider
- Number of Process, it can spike some time when: 1) you are under attack 2) you web server waiting the Disk I/O for too long 3) infect some botnet
- Load Average, should not exceed number of CPU Core * 2
- Logged in Users, should be always zero (0) unless you allow SSH for your customer
- Disk Free Space, always maintain your free space otherwise MySQL will not functional, loss of new data file (zero filesize), can’t start the system service.
Tags: centos, monitoring
Posted in Uncategorized | No Comments »
October 9th, 2009
Using following code and schedule using cronjob
#!/bin/sh
output_name=/[part_to_backup]/mysql.db.`date +%Y%m%d%H%M`.sql
mysqldump -u[db_user] -p[db_password] –all-databases > $output_name
gzip $output_name
ncftpput -u [ftp_user] -p [ftp_password] [ftp_server_ip] / $output_name.gz
rm -Rf $output_name.gz
Make sure that you install ncftpput collectly.
Note: There is no space between -u and [db_user] and -p [db_password]
#!/bin/sh
output_name=mysql.db.`date +%Y%m%d%H%M`.sql
mysqldump -uda_admin -pc3Fkt7k9 –all-databases > /home/admin/admin_backups/$output_name
gzip /home/admin/admin_backups/$output_name
ncftpput -u backup-h02 -p nvhgpq83tu 192.168.20.157 / /home/admin/admin_backups/$output_name.gz
rm -Rf /home/admin/admin_backups/$output_name.g
Tags: backup, ftp, gzip, mysql, ncftp
Posted in Uncategorized | No Comments »
October 8th, 2009
Warning!!!…. please verified your firewall rule before make any change to your sshd config, otherwise you may not able to access via SSH ever.
- Login to your server using ssh client (less prefer) or console (very much prefer) as root
- locate file sshd_config default path is /etc/ssh/sshd_config
- using your favorite text editor to edit the sshd config file (my only text editor is vi)
vi /etc/ssh/sshd_config
- looking for line start with Port (default value is Port 22)
- change to any port number that you can easily to remember, you can used any port grater than 1024
- if there is any # mark in front of Port, remove the #
- save the file and exit to shell
- Warning again…. before restart please verified your firewall rule, you must allow the connection on port as specific in #5
- restart sshd using command “/etc/init.d/sshd restart” or “service sshd restart”
- This is a good idea to leave your current ssh session
- open another ssh client window, try to connect to your server using a new port as specific in #5
- if any thing go well you good for now, otherwise go back to ssh session that you leave it open and verified the sshd_config and the firewall rule again
- This is a good idea to prevent login to ssh using root at first, locate line start with PermitRootLogin than change the value to False then restart the sshd and try to login as root from ssh client. you should not able to login as root
Note: Use this article at your own risk, remember verified the firewall rule before restart the sshd service, otherwise you will loss ssh connection.
Tags: centos, ssh, sshd, tcp port
Posted in Uncategorized | No Comments »
September 29th, 2009
My custom cacti (version 0.8.7d) installation is already included following plugins:
- Plugin Architecture (a must to install)
- Settings (allow you to config email for cacti’s user)
- Monitor (graphical monitoring system with sound alert)
- thold (alert if there is breaching of value in you graphs)
- tools (little stuff that help you)
- hostinfo (see how’s is you host)
You can download HERE
Before you begin
- make sure you installed the mysql, php, apache
#yum install mysql mysql-server httpd php php-mysql
- make sure you installed the net-snmp, net-snmp-utils, rrdtool
#rpm -Uhv http://apt.sw.be/redhat/el5/en/i386/rpmforge/RPMS/rpmforge-release-0.3.6-1.el5.rf.i386.rpm
#yum install net-snmp net-snmp-utils rrdtool
- download my custom cacti installation package
Let’s start
- download my custom installation package
wget http://www.dinonet.info/media/699/cacti-0.8.7d.complete.tar.gz
- Untar cacti-0.8.7d.complete.tar.gz
# tar zxf cacti-0.8.7d.complete.tar.gz
- copy to www directory
# cp -R cacti-0.8.7d.complete /var/www/cacti
- create mysql database for cacti
# mysql -p
enter root’s password
mysql> create database cactidb;
Query OK, 1 row affected (0.07 sec)
mysql> quit;
- import cacti’s original database from script
# mysql -u root -p cactidb < /var/www/cacti/sql/0.cacti.sql
enter root’s password
- config apache virtual directory
create file cacti.conf in /etc/httpd/conf.d/
# vi /etc/httpd/conf.d/cacti.conf
enter following configuration
Alias /cacti /var/www/cacti
<Directory /var/www/cacti/>
Order Deny,Allow
Allow from all
</Directory>
- Go to you browser, logon to cacti to complete cacti’s original installation process
go to http://<your server>/cacti
login with default username “admin” and password “admin”
cacti will be force to change the password
- Get back to secure shell, import plugins database to cacti’s db
# mysql -u root -p cactidb < /var/www/cacti/sql/1.pa.sql
enter root’s password
# mysql -u root -p cactidb < /var/www/cacti/sql/2.monitor.sql
enter root’s password
# mysql -u root -p cactidb < /var/www/cacti/sql/3.thold.sql
enter root’s password
- Go to your browser, press F5 to refresh the screen
go to “User Management” on the left menu
click on admin username
then select all check in Realm Permission tab then press “save” button on bottom-right corner
- Go back to secure shell, configure cron job for cacti to monitor you system every 5 minutes
# vi /etc/crontab
add following line at the end of file (Press I and move cursor to create a new line)
*/5 * * * * root php /var/www/cacti/poller.php > /dev/null 2>&1
save and exit (Press ESC then : “colon” then qw! then enter)
- wait & see if there is any update on cacti graph from browser or you can see if there is any rra file in /var/www/cacti/rra/
if there is no files listed in /var/www/cacti/rra within 5 minutes, check the cron job
Note:
- All trademark are belong to the owner: Cacti for Cacti & Cacti Users for Plugin Architecture, Monitor, Thold, Settings, Tools and Host Info
- This installation guild is based on CentOS 5.2. The directory/instruction may change if you were using other distro.
- This installation guild is not cover spine (cactid) installation
- Use at your own risk
Disclarm:
- Original cacti installation can be found at Cacti official website - http://www.cacti.net
- All plugin can be found at Cacti Users website - http://www.cactiusers.org
- You may distribute my custom package without any notification to me but you may have to inform the product owner at above link
Tags: cacti, monitoring, plugins, snmp
Posted in Uncategorized | No Comments »