ericsysmin's DevOps Blog

Socks5 Jump Host Proxy Service

So, everyone uses a jump host to help with security. It often causes people to require to configure SSH tunnels, to remotely browse the services and even connect to hosts in another network.

The best information I found was using a command like this:

However you have to enter that at every single boot! There’s no status on it, and that doesn’t help you simply run it in the background even without logging into your jump host.

Solution:

Lets run it as a service! For this instruction I am using CentOS 7, simply because systemd is in the new OS’s, so it’s relevant.

Now you have a no mess, socks5 service running on your host. If you want it to start with boot, just run:

 

Continue reading...

Configuring High Availability (HA) Zabbix Server on CentOS 7

Step 1: Configure Name Resolution

We need to configure our host to know it’s counterpart quickly without DNS (we don’t want false failures).

Open the following two entries to your /etc/hosts file.

Step 2: Install Zabbix Server

Now we need to install the Zabbix Server, however there are so many ways to deploy this I prefer Puppet (mainly because I contribute a lot to https://github.com/dj-wasabi/puppet-zabbix) We are going to do this the standard way.

On both Zabbix Servers we will need to install Zabbix, I like MySQL, but that’s just because I’ve been using it a long time.

At the time this is written current version is Zabbix 3.0

I don’t really want to go far in depth to showing the entire Zabbix Server configuration, if you still need help setting the rest up please visit:
https://www.zabbix.com/documentation/3.0/manual/installation/install_from_packages#red_hat_enterprise_linuxcentos

However there is one change that is very important. You will need to configure in your  /etc/zabbix/zabbix_server.conf

Step 3: Configure Pacemaker

Lets go back to zabbixserver1 and get these two authenticating to each other.

Now we need to create the cluster and add the zabbix servers

To start the cluster

Make sure that Pacemaker and Corosync are started at boot on both hosts.

Check the status of your cluster after it’s been started by using

Check the status of your nodes in the cluster by using

For Zabbix we don’t need or want stonith especially since we just have 2 servers. Lets run:

Because we have 2 nodes our number of nodes is too low to have a quorum. To have a quorum you must have at least 2 nodes, and that would defeat the purpose of this. We will ignore the low quorum with the following.

Now we are into the fun part! Lets create the VIP which would be used between both of these Zabbix Servers.

To test this you can try to ping the <cluster_ip> now.

You should also see a resource now appear when you test the command

Lets disable systemd from controlling zabbix-server. Once the next step is completed, Pacemaker will actually control the process.

Now we need to setup the Zabbix Server resource which will make sure that the systemd (CentOS 7) has zabbix-server always running in this cluster.

You should also see that resource now appear when you test the command

Now we may have a problem, in its current state the VIP and the zabbix_server can be running on different nodes. Definitely not what we want happening. To resolve this we need to add some constraints that tell pacemaker that they need to be on the same host, and that the cluster_ip needs to be completed before the zabbix_server

Testing the cluster can be done by the following

Bonus Item

If you would like Zabbix Server to prefer a specific server you can use the following command to do so.

Used Resources:

https://www.digitalocean.com/community/tutorials/how-to-set-up-an-apache-active-passive-cluster-using-pacemaker-on-centos-7

Continue reading...