yum clean all
yum update
* Check NTP and DNS configuration.
* Create a nice MOTD:
_____ _ _____ _
/ ____| | | | __ (_)
| (___ _ __ ___ ___ | | _____| |__) | _ __ __ _
\___ \| '_ ` _ \ / _ \| |/ / _ \ ___/ | '_ \ / _` |
____) | | | | | | (_) | < __/ | | | | | | (_| |
|_____/|_| |_| |_|\___/|_|\_\___|_| |_|_| |_|\__, |
__/ |
|___/
* Install the needed packages:
yum groupinstall "Development tools"
yum install rrdtool rrdtool-perl fping wget curl bind-utils mod_fcgid mod_ssl httpd httpd-devel perl-CPAN lynx ncftp perl perl-YAML perl-parent perl-Test-Simple perl-Net-SSLeay
* Configure CPAN:
perl -MCPAN -e shell
Would you like me to configure as much as possible automatically? [yes] no
Choose the defaults, configure a proxy if needed.
# If you want to reconfigure CPAN: o conf init
* I had some problems when using the Perl packages from the repo. Install the Perl modules via CPAN:
cpan
install LWP
install IO::Pty
install Config::Grammar
install Digest::HMAC_MD5
install Net::Telnet
install Net::OpenSSH
install Net::DNS
install Net::LDAP
install Net::SNMP # Don't install the optional packages.
install FCGI
install CGI::Fast
* Download SmokePIng:
cd /var/tmp
wget http://oss.oetiker.ch/smokeping/pub/smokeping-2.6.11.tar.gz
* Install SmokePing:
tar -zxvf smokeping-2.6.11.tar.gz -C /var/tmp
cd /var/tmp/smokeping-2.6.11
./configure --prefix=/opt/smokeping-2.6.11
/usr/bin/gmake install
ln -s /opt/smokeping-2.6.11 /opt/smokeping
mkdir /opt/smokeping-2.6.11/{cache,data,var}
chmod 660 /opt/smokeping-2.6.11/etc/smokeping_secrets.dist
useradd -u smokeping
chown -R smokeping. /opt/smokeping*
==== - Post install config====
=== - SmokePing===
* Modify ''/opt/smokeping/etc/config.dist''.
cp /opt/smokeping/etc/config.dist /opt/smokeping/etc/config
vi config
* Modify ''/opt/smokeping/htdocs/smokeping.fcgi.dist'':
mv /opt/smokeping/htdocs/smokeping.fcgi.dist /opt/smokeping/htdocs/smokeping.fcgi
vi /opt/smokeping/htdocs/smokeping.fcgi
* Change the template sidebar width (if needed) ''/opt/smokeping/etc/basepage.html.dist'':
=== - TLS self signed certificate===
* Change ''/etc/pki/tls/openssl.cnf''
countryName_default = ...
stateOrProvinceName_default = ...
localityName_default = ...
0.organizationName_default = ...
organizationalUnitName_default = ...
commonName =
[ req ]
distinguished_name = req_distinguished_name
req_extensions = v3_req
[ v3_req ]
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
subjectAltName = @alt_names
[alt_names]
DNS.1 =
DNS.2 =
IP.1 =
IP.2 =
* Generate private key:openssl genrsa -out /etc/pki/tls/private/.key 2048
* Generate CSR:openssl req -new \
-out /etc/pki/tls/certs/.csr \
-key /etc/pki/tls/private/.key \
-config /etc/pki/tls/openssl.cnf
* Check:openssl req -text -noout -in /etc/pki/tls/certs/.csr
* Sign:openssl x509 -req -days 3650 \
-in /etc/pki/tls/certs/.csr \
-signkey /etc/pki/tls/private/.key \
-out /etc/pki/tls/certs/.crt \
-extensions v3_req \
-extfile /etc/pki/tls/openssl.cnf
=== - Apache===
* Remove the default virtual host: ''/etc/httpd/conf.d/smokeping.conf''.
* Edit ''/etc/httpd/conf/httpd.conf'':
ServerAdmin
NameVirtualHost *:443
* Create the following config: ''/etc/httpd/conf.d/smokeping.conf''
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite DEFAULT:!EXP:!SSLv2:!DES:!IDEA:!SEED:+3DES
SSLCertificateFile /etc/pki/tls/certs/.crt
SSLCertificateKeyFile /etc/pki/tls/private/.key
SSLOptions +StdEnvVars
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
ServerName
DocumentRoot "/var/www/html/"
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
SuexecUserGroup smokeping smokeping
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
SSLOptions +StdEnvVars
Options FollowSymLinks
AllowOverride None
Options None
Order allow,deny
Allow from all
Alias /cache/ "/opt/smokeping-2.6.11/cache/"
Options None
Order deny,allow
Deny from all
Allow from
AuthType Basic
AuthBasicProvider ldap
AuthName "LDAP authentication"
AuthLDAPURL ...
AuthLDAPBindDN ...
AuthLDAPBindPassword ...
Require ldap-attribute gidNumber=...
Require valid-user
* Create an index.html redirect ''/var/www/html/index.html'':
* Copy ''smokeping.fcgi'' (for suexec):cp /opt/smokeping/htdocs/smokeping.fcgi /var/www/cgi-bin/
* Modify suexec rights:chown -R smokeping. /var/www/cgi-bin/
* Start Apache at boot:chkconfig httpd on
* Start Apache:service httpd start
===Start/stop script===
* Create start/stop script: ''/etc/init.d/smokeping''
#!/bin/sh
#
# chkconfig: - 86 14
# description: smokeping init script
# processname: smokeping
# config: /opt/smokeping/etc/smokeping.conf
# pidfile: /opt/smokeping/var/smokeping.pid
# Source function library.
. /etc/rc.d/init.d/functions
# the path to your PID file
# path to smokeping script
smokeping=/opt/smokeping/bin/smokeping
smokeping_config=/opt/smokeping/etc/config
smokeping_logfile=/opt/smokeping/var/smoke.log
pidfile=/opt/smokeping/var/smokeping.pid
lockfile=/var/lock/subsys/smokeping
smokeping_opts="--config=${smokeping_config} --logfile=${smokeping_logfile}"
prog=smokeping
run_user=smokeping
RETVAL=0
STOP_TIMEOUT=10
start() {
echo -n $"Starting $prog: "
daemon --pidfile=${pidfile} --user $run_user $smokeping $smokeping_opts
RETVAL=$?
echo
[ $RETVAL = 0 ] && touch ${lockfile}
return $RETVAL
}
stop() {
echo -n $"Stopping $prog: "
killproc -p ${pidfile} -d ${STOP_TIMEOUT} $smokeping
RETVAL=$?
echo
[ $RETVAL = 0 ] && rm -f ${lockfile} ${pidfile}
}
reload() {
echo -n $"Reloading $prog: "
if ! $smokeping $smokeping_opts --check >&/dev/null; then
echo $"not reloading due to configuration syntax error"
failure $"not reloading $smokeping due to configuration syntax error"
else
$smokeping $smokeping_opts --reload
RETVAL=$?
if [ $RETVAL -ne 0 ]; then
failure $"smokeping reloading"
fi
fi
echo
}
restart() {
echo -n $"Restarting $prog: "
if ! $smokeping $smokeping_opts --check >&/dev/null; then
echo $"not restarting due to configuration syntax error"
failure $"not restarting $smokeping due to configuration syntax error"
else
$smokeping $smokeping_opts --restart
RETVAL=$?
if [ $RETVAL -ne 0 ]; then
failure $"smokeping restarting"
fi
fi
echo
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
status)
status -p ${pidfile} $smokeping
RETVAL=$?
;;
reload)
reload
;;
restart)
restart
;;
*)
echo $"Usage: $prog {start|stop|restart|reload|status}"
RETVAL=2
esac
* Set executable bit:chmod +x /etc/init.d/smokeping
* Start at boot:chkconfig --add smokeping
chkconfig smokeping on
===Remote fping===
* Create a user account and install fping on the client:
useradd -u smokeping
yum install fping
* Place the smokeping user's public key and root's public key on the client, in the ''authorized_keys'' file.
* Test login with key.
* Add the RemoteFPing probe to the SmokePing configuration:
# Config
+RemoteFPing
binary = /usr/bin/ssh
blazemode = true
hostinterval = 1.5
#mininterval = 0.001
offset = 50%
packetsize = 56
pings = 20
rbinary = /usr/sbin/fping
rhost =
ruser = smokeping
#sourceaddress =
step = 300
timeout = 1.5
#tos = 0x20
usestdout = false
#*** Slaves ***
#secrets=/opt/smokeping-2.6.11/etc/smokeping_secrets.dist
#+boomer
#display_name=boomer
#color=0000ff
#
#+slave2
#display_name=another
#color=00ff00
* Add remote hosts:
+++ Name
probe=Name
host=