Gab Knowledge Base

Thursday, May 11, 2017

exsi patch

patch exsi package -> https://esxi-patches.v-front.de/ESXi-6.0.0.html

[root@bs-lab02:~] esxcli software profile update -d https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xml -p ESXi-6.
0.0-20160804001-standard
Update Result
Message: The update completed successfully, but the system needs to be rebooted for the changes to be effective.
Reboot Required: true
VIBs Installed: VMware_bootbank_esx-base_6.0.0-2.43.4192238, VMware_bootbank_esx-ui_1.4.0-3959074, VMware_bootbank_misc-drivers_6.0.0-2.43.4192238, VMware_bootbank_net-vmxnet3_1.1.3.0-3vmw.600.2.43.4192238, VMware_bootbank_vsan_6.0.0-2.43.4097166, VMware_bootbank_vsanhealth_6.0.0-3000000.3.0.2.43.4064824, VMware_locker_tools-light_6.0.0-2.43.4192238
VIBs Removed: VMware_bootbank_esx-base_6.0.0-2.34.3620759, VMware_bootbank_esx-ui_1.0.0-3617585, VMware_bootbank_misc-drivers_6.0.0-2.34.3620759, VMware_bootbank_net-vmxnet3_1.1.3.0-3vmw.600.2.34.3620759, VMware_bootbank_vsan_6.0.0-2.34.3563498, VMware_bootbank_vsanhealth_6.0.0-3000000.3.0.2.34.3544323
VIBs Skipped: VMWARE_bootbank_mtip32xx-native_3.8.5-1vmw.600.0.0.2494585, VMware_bootbank_ata-pata-amd_0.3.10-3vmw.600.0.0.2494585, VMware_bootbank_ata-pata-atiixp_0.4.6-4vmw.600.0.0.2494585,

mount CD and use as repo

# mount -o loop /dev/sr0 /mnt

# cp /mnt/media.repo /etc/yum.repos.d/rhel7dvd.repo
# chmod 644 /etc/yum.repos.d/rhel7dvd.repo

sed notes

sed -ie 's/word1/word2/g' /testing

find word1 and replace it to word2 inside /testing file
-i option is used to edit in place on the file testing.

-e option indicates the expression/command to run, in this case s/.

Notes:
the / can be replace with anything as long no conflict with inside word
example

sed -ie 's:word1:word2:g' /testing

HaProxy

Environment: Centos 7
Haproxy version: 1.5.18
Installation
you can install by using this command
# yum install haproxy

Configure
the configuration file is located at /etc/haproxy/haproxy.cfg
open and edit the file
you need to define frontend and backend

frontend LB
bind 0.0.0.0:80 # bind to all network IP:port
reqadd X-Forwarded-Proto:\ http
default_backend LB # point to backend name LB

backend LB
mode http
balance roundrobin # Load balancing will work in round-robin process.
option httpchk
option httpclose
option forwardfor
cookie SERVERID insert # Let the load-balancer set up a cookie for the session.
server svrv-trep-app01 172.20.101.115:80 cookie app01 check # server 1
server svrv-trep-app02 172.20.101.116:80 cookie app02 check # server 2
server backup-server 172.20.101.124:80 check backup # if all server fail, traffic will go to this backup server

cookie app0x = this is so when client come back, it know which server to go back to.

but if it was new client, then it will set SERVERID=app01 into the header

if using application for session persistence
then replace SERVERID with JSESSIONID

the "check" is use to check if the server is alive or not

Enable Stats

edit

stats enable # enable statistic pages
stats hide-version
stats uri /stats # statistic pages at /stats
stats realm Haproxy\ Statistics
stats auth username:password # Credentials for HAProxy Statistic report page.

Enable log
1. edit rsyslog file
# vim /etc/rsyslog.conf
find and enable this

# Provides UDP syslog reception
$ModLoad imudp
$UDPServerRun 514

This will make the server listen to port 514 to collect log

2. since inside haproxy.conf, it already define this

log 127.0.0.1 local2

then we create a new file call haproxy.conf under /etc/rsyslog.d/

# vim /etc/rsyslog.d/haproxy.conf

and put this

local2.* /var/log/haproxy.log

3. Then restart the rsyslog service

# systemctl restart rsyslog

Enable SSL

1. edit the haproxy.conf and add the httpd frontend

frontend LBS

bind 0.0.0.0:443 ssl crt /etc/haproxy/test.pem # listen to port 443, ssl crt is at /etc/haproxy/test.pem

reqadd X-Forwarded-Proto:\ https

default_backend LB # go to backend name LB

so the connection will be like this

Public -- use https secure connection --> Haproxy -- use http --> backend server

2. if you want to enforce ssl, then add this to the backend

redirect scheme https if !{ ssl_fc }

so the final configuration will look something like this

frontend LB
bind 0.0.0.0:80
reqadd X-Forwarded-Proto:\ http
default_backend LB

frontend LBS
bind 172.20.101.128:443 ssl crt /etc/haproxy/test.pem
reqadd X-Forwarded-Proto:\ https
default_backend LB

backend LB
mode http
redirect scheme https if !{ ssl_fc }
stats enable

stats hide-version
stats uri /stats
stats realm Haproxy\ Statistics
stats auth username:password

balance roundrobin
option httpchk
option httpclose
option forwardfor
cookie SERVERID insert
server svrv-trep-app01 172.20.101.115:80 cookie app01 check
server svrv-trep-app02 172.20.101.116:80 cookie app02 check
server backup-server 172.20.101.124:80 check backup

Microsite or redirrect certain sub path to other server

1. define the incoming domain name
acl in_domain hdr_dom(host) -i www.testing.com

2. define backend server
backend testing_backend
balance roundrobin
option httpchk GET / HTTP/1.0
server test-server 172.20.1.60:80 maxconn 200 check inter 5s
server maintenance 203.208.240.126:80 backup
timeout server 60s

3. define backend, if want to redirrect www.testing.com/camera to different server

acl camera_r path -i /camera
redirect location /camera/ if testing_domain camera_r
acl camera path_beg -i /camera/
use_backend testing_backend if in_domain camera

== explain ==

1st line, is to define camera_r = /camera

2nd line, if fall on in_domain camera_r (mean www.testing.com/camera) then redirrect to www.testing.com/camera/

3rd line, is to define camera = /camera/

4th line, if fall on in_domain camera (www.testing.com/camera/) then redirrect to server testing_backend

Friday, August 19, 2016

maven simple setup

Installation

1. download maven

2. Ensure JAVA_HOME environment variable is set and points to your JDK installation

3. extract maven and put to /opt/

tar xzvf apache-maven-3.3.9-bin.tar.gz

4. make soflink
ln -s apache-maven-3.3.9 maven

5. edit user .bash_profile and add this into it
export M2_HOME=/opt/maven

export PATH=${M2_HOME}/bin:${PATH}
6. exit and login again to take effect and test maven
mvn --version

7. create a new project and let it generate a new pom.xml

mvn archetype:generate -DgroupId=com.mycompany.app -DartifactId=my-app -DarchetypeArtifactId=maven-archetype-quickstart -DinteractiveMode=false

reference:

https://maven.apache.org/guides/getting-started/maven-in-five-minutes.html

http://www.tutorialspoint.com/maven/maven_environment_setup.htm

Thursday, August 18, 2016

jboss fuse simple setup

Environment

OS: RedHat Enterprise 7

Java: Oracle jdk1.8.0_91

Fuse: jboss-fuse-6.2.1.redhat-117

Firewall disable
systemctl stop firewalld
systemctl disable firewalld

SELinux disable

vi /etc/selinux/config
change to disabled

Java Setup

1. download Java from oracle website

2. edit /etc/hosts file and add your IP and hostname into it

172.20.1.100 fuse1

if you are setup cluster fuse, then add fuse2 and fuse3 as well to all node hosts file

3. unzip java and put to /opt

then make softlink

ln –s jdk1.8.0_91 jdk1.8.0

this is to easy to upgrade java in future. just extract new update java and change the softlink pointing

then add following line to .bash_profile

export JAVA_HOME=/opt/jdk1.8.0

4. exit and login again to make java take effect and test by using this command

java -version

Fuse Setup

NODE 1

1. unzip jboss fuse to /opt and make a softlink as well

ln –s jboss-fuse-full-6.2.1-redhat-117 fuse

2. edit <fuse-install-dir>/etc/system.properties to rename karaf instance as fuse1 (from root):
# Name of this Karaf instance
karaf.name=fuse1

3. start fuse

cd /opt/fuse

bin/fuse

4. From the Fuse CLI, create an ESB admin user using the following command, substitute <user name> and <user password> with actual values:
esb:create-admin-user --new-user <user name> --new-user-password <user password>

5. Shutdown Fuse and restart as a background service using:

bin/start

6. Connect to Fuse using admin user created above:
bin/client –u <user name> -p <user password>

7. Next create Fabric:
fabric:create --zookeeper-password <zookeeper-password> --zookeeper-data-dir zkdata
--resolver localhostname --wait-for-provisioning

8. As a practice, we do not deploy application services to root containers, so we can remove the jboss-fuse-full profile from the container:
container-remove-profile fuse1 jboss-fuse-full

NODE 2 & NODE 3

1. After unzip, JBoss Fuse will be installed in /opt/jboss-fuse-full-6.2.1-redhat-117. For convenience, create a symbolic link:
cd /opt/dportal
ln –s jboss-fuse-full-6.2.1-redhat-117 fuse

2. edit <fuse-install-dir>/etc/system.properties to rename karaf instance as fuse2 and fuse3 (from root), respectively:
Node 2 (172.20.1.101):
# Name of this Karaf instance
karaf.name=fuse2
Node 3 (171.20.1.102):
# Name of this Karaf instance
karaf.name=fuse3

3. Start Fuse:
$ cd /home/fmsapps/fuse
$ bin/fuse

4. Join fabric
fabric:join --zookeeper-password <zookeeper-password> --resolver localhostname
fuse1:2181

5. Shutdown Fuse and restart as a background service using:
$ bin/start

6. Connect to Fuse using admin user created above:
$ bin/client –u <user name> -p <user password>

At this point, 3 JBoss Fuse Fabric containers were created and started.
On 172.20.1.100 (fuse1), log in to Fuse Fabric CLI and issue the following command to create an
ensemble.
JBossFuse:fuseadmin@utdrvfuse1> ensemble-add utdrvfuse2 utdrvfuse3

Once the command is completed, the fabric container list should be similar to:
JBossFuse:fabric@fuse1> container-list
[id] [version][connected] [profiles] [provision status]
utdrvfuse1* 1.0 yes fabric, fabric-ensemble-0001-1 success
utdrvfuse2 1.0 yes fabric, fabric-ensemble-0001-2 success
utdrvfuse3 1.0 yes fabric, fabric-ensemble-0001-3 success
The Fuse setup is complete. Fuse management console can be accessed from http://172.20.1.100:8181

Monday, August 15, 2016

LinkChecker

Install Linckecker

http://wummel.github.io/linkchecker/

# wget --no-check-certificate https://pypi.python.org/packages/source/L/LinkChecker/LinkChecker-9.3.tar.gz

Got 2 way to install

Manual installation where you download the source and initiate install yourself
Auto install Linckecker by using pip

Manual Installation

For Centos/RHEL 6 -> enable Software Collection to install Python 2.7

For Centos/RHEL 7 -> just use yum install python

Enable Software collection

RHEL -> # subscription-manager repos --enable rhel-server-rhscl-6-rpms

Centos -> # yum install centos-release-scl

Then install python27

# yum install python27

You need to enable it in order to use

# scl enable python27 bash

Install the remain package needed to run

# yum install gcc python-requests qt-devel

On How to install, you can read the doc at LinkChecker-9.3/doc/install.txt

# make -C doc/html

# python setup.py sdist --manifest-only

# python setup.py build

# python setup.py install

You can test run by using this command

# linkchecker www.google.com -Fcsv//tmp/google.csv

Troubleshooting

If you encounter this error “This program requires Python requests 2.2.0 or later” when you test run.

Downgrade the request version as Linkcheck 9.3 having bug with request ver 10

Downgrade using pip

# yum install python27-python-pip

# pip install requests==2.9.2

Auto Installation

# yum install gcc qt-devel

Enable software collection if you using Centos/RHEL 6 and install python27 & python27-python-pip

# yum install python27-python-pip python27

Then install Linkchecker using pip

# scl enable python27 bash

# pip install LinkChecker