blogs4linux.blogspot.com: May 2013

Lab Scenerio :=

Syslog Server = 192.168.0.80 <============ Hostname mail

Syslog client = 192.168.0.65 <============ Hostname storage

Server Side Configuration =

#|yum install rsyslog

bb | 4.0 kB 00:00

bb/primary_db | 3.1 MB 00:00

Setting up Install Process

Resolving Dependencies

--> Running transaction check

---> Package rsyslog.x86_64 0:5.8.10-2.el6 will be installed

--> Processing Dependency: logrotate >= 3.5.2 for package: rsyslog-5.8.10-2.el6.x86_64

--> Running transaction check

---> Package logrotate.x86_64 0:3.7.8-15.el6 will be installed

--> Finished Dependency Resolution

Dependencies Resolved

================================================================================

Package Arch Version Repository Size

================================================================================

Installing:

rsyslog x86_64 5.8.10-2.el6 bb 647 k

Installing for dependencies:

logrotate x86_64 3.7.8-15.el6 bb 55 k

Transaction Summary

================================================================================

Install 2 Package(s)

Total download size: 702 k

Installed size: 2.2 M

Is this ok [y/N]: y

Downloading Packages:

(1/2): logrotate-3.7.8-15.el6.x86_64.rpm | 55 kB 00:00

(2/2): rsyslog-5.8.10-2.el6.x86_64.rpm | 647 kB 00:00

--------------------------------------------------------------------------------

Total 3.9 MB/s | 702 kB 00:00

Running rpm_check_debug

Running Transaction Test

Transaction Test Succeeded

Running Transaction

Installing : logrotate-3.7.8-15.el6.x86_64 1/2

warning: /var/lib/logrotate.status created as /var/lib/logrotate.status.rpmnew

Installing : rsyslog-5.8.10-2.el6.x86_64 2/2

warning: /etc/rsyslog.conf created as /etc/rsyslog.conf.rpmnew

Verifying : rsyslog-5.8.10-2.el6.x86_64 1/2

Verifying : logrotate-3.7.8-15.el6.x86_64 2/2

Installed:

rsyslog.x86_64 0:5.8.10-2.el6

Dependency Installed:

logrotate.x86_64 0:3.7.8-15.el6

Complete!

2 .Step= Edit the rsyslog.conf file below like this

[root@mail log]# cat /etc/rsyslog.conf

#rsyslog v3 config file

# if you experience problems, check

# http://www.rsyslog.com/troubleshoot for assistance

#### MODULES ####

$ModLoad imuxsock.so # provides support for local system logging (e.g. via logger command)

$ModLoad imklog.so # provides kernel logging support (previously done by rklogd)

#$ModLoad immark.so # provides --MARK-- message capability

# Provides UDP syslog reception

#$ModLoad imudp.so

#$UDPServerRun 514

# Provides TCP syslog reception

$ModLoad imtcp.so <====== Uncomment this line

$InputTCPServerRun 514 <====== Uncomment this line

:FROMHOST-IP, isequal,"192.168.0.65" /var/log/servers.log <============== Edit Here add Client Ip Add resss

& ~

#### GLOBAL DIRECTIVES ####

# Use default timestamp format

$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat

# File syncing capability is disabled by default. This feature is usually not required,

# not useful and an extreme performance hit

#$ActionFileEnableSync on

#### RULES ####

# Log all kernel messages to the console.

# Logging much else clutters up the screen.

#kern.* /dev/console

# Log anything (except mail) of level info or higher.

# Don't log private authentication messages!

*.info;mail.none;authpriv.none;cron.none /var/log/messages

# The authpriv file has restricted access.

authpriv.* /var/log/secure

# Log all the mail messages in one place.

mail.* -/var/log/maillog

# Log cron stuff

cron.* /var/log/cron

# Everybody gets emergency messages

*.emerg *

# Save news errors of level crit and higher in a special file.

uucp,news.crit /var/log/spooler

# Save boot messages also to boot.log

local7.* /var/log/boot.log

# ### begin forwarding rule ###

# The statement between the begin ... end define a SINGLE forwarding

# rule. They belong together, do NOT split them. If you create multiple

# forwarding rules, duplicate the whole block!

# Remote Logging (we use TCP for reliable delivery)

# An on-disk queue is created for this action. If the remote host is

# down, messages are spooled to disk and sent when it is up again.

#$WorkDirectory /var/spppl/rsyslog # where to place spool files

#$ActionQueueFileName fwdRule1 # unique name prefix for spool files

#$ActionQueueMaxDiskSpace 1g # 1gb space limit (use as much as possible)

#$ActionQueueSaveOnShutdown on # save messages to disk on shutdown

#$ActionQueueType LinkedList # run asynchronously

#$ActionResumeRetryCount -1 # infinite retries if host is down

# remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional

#*.* @@remote-host:514

# ### end of the forwarding rule ###

3rd Step

# Restart the rsyslog service

================================================================================

Client Side

1. step Install rsyslog RPM

2. Edit the rsyslog.conf file Below like this

[root@storage ~]# cat /etc/rsyslog.conf

# rsyslog v5 configuration file

# For more information see /usr/share/doc/rsyslog-*/rsyslog_conf.html

# If you experience problems, see http://www.rsyslog.com/doc/troubleshoot.html

#### MODULES ####

$ModLoad imuxsock # provides support for local system logging (e.g. via logger command)

$ModLoad imklog # provides kernel logging support (previously done by rklogd)

#$ModLoad immark # provides --MARK-- message capability

# Provides UDP syslog reception

#$ModLoad imudp

#$UDPServerRun 514

# Provides TCP syslog reception

#$ModLoad imtcp

#$InputTCPServerRun 514

#### GLOBAL DIRECTIVES ####

# Use default timestamp format

$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat

# File syncing capability is disabled by default. This feature is usually not required,

# not useful and an extreme performance hit

#$ActionFileEnableSync on

# Include all config files in /etc/rsyslog.d/

$IncludeConfig /etc/rsyslog.d/*.conf

#### RULES ####

# Log all kernel messages to the console.

# Logging much else clutters up the screen.

#kern.* /dev/console

# Log anything (except mail) of level info or higher.

# Don't log private authentication messages!

*.info;mail.none;authpriv.none;cron.none /var/log/messages

# The authpriv file has restricted access.

authpriv.* /var/log/secure

# Log all the mail messages in one place.

mail.* -/var/log/maillog

# Log cron stuff

cron.* /var/log/cron

# Everybody gets emergency messages

*.emerg *

# Save news errors of level crit and higher in a special file.

uucp,news.crit /var/log/spooler

# Save boot messages also to boot.log

local7.* /var/log/boot.log

# ### begin forwarding rule ###

# The statement between the begin ... end define a SINGLE forwarding

# rule. They belong together, do NOT split them. If you create multiple

# forwarding rules, duplicate the whole block!

# Remote Logging (we use TCP for reliable delivery)

# An on-disk queue is created for this action. If the remote host is

# down, messages are spooled to disk and sent when it is up again.

$WorkDirectory /var/lib/rsyslog # where to place spool files ]

$ActionQueueFileName fwdRule1 # unique name prefix for spool files ]

$ActionQueueMaxDiskSpace 1g # 1gb space limit (use as much as possible) ] <====================== Uncomment this line

$ActionQueueSaveOnShutdown on # save messages to disk on shutdown ]

$ActionQueueType LinkedList # run asynchronously ]

$ActionResumeRetryCount -1 # infinite retries if host is down ]

# remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional

*.* @@192.168.0.80:514 <=================================== Add the Syslog server Ip add

# ### end of the forwarding rule ###

# Restart the rsyslog Service

Test configuration

Client side run below command for Testing

[root@storage ~]# logger "testing to remote rsyslog server"

Check log on server side

2013-05-11T12:46:27+05:08 storage root: testing to remote rsyslog server

2013-05-11T12:46:28+05:08 storage root: testing to remote rsyslog server

Server := 192.168.0.75 ( yum server , pxe server , dhcp server , ftpserver , kickstart server )

1 step : # yum install syslinux tftp-server xinetd dhcp

2 # mount /dev/sr0 /mnt <====RHEL 6.3 DVD

3 # cd /mnt/isolinux/

4 # cp -rfv * /var/lib/tftpboot/

5 # cd /var/lib/tftpboot/

# ls ============>>> it will show total 35236

-r--r--r-- 1 root root 2048 Apr 22 16:34 boot.cat

-r--r--r-- 1 root root 84 Apr 22 16:34 boot.msg

-r--r--r-- 1 root root 334 Apr 22 16:34 grub.conf

-r--r--r-- 1 root root 30442765 Apr 22 16:34 initrd.img

-r--r--r-- 1 root root 24576 Apr 22 16:34 isolinux.bin

-r--r--r-- 1 root root 954 Apr 22 16:34 isolinux.cfg

-r--r--r-- 1 root root 165080 Apr 22 16:34 memtest

-rw-r--r-- 1 root root 26828 Apr 22 16:35 pxelinux.0

-r--r--r-- 1 root root 1236005 Apr 22 16:34 splash.jpg

-r--r--r-- 1 root root 2215 Apr 22 16:34 TRANS.TBL

-r--r--r-- 1 root root 162860 Apr 22 16:34 vesamenu.c32

-r-xr-xr-x 1 root root 3986992 Apr 22 16:34 vmlinuz

6 tftpboot # mkdir pxelinux.cfg

7 tftpboot# cp isolinux.cfg pxelinux.cfg/default

8 # cp /usr/share/syslinux/pxelinux.0 /var/lib/tftpboot/

9 # restorecon -Rv /var/lib/tftpboot/

10 # vim /etc/xinetd.d/tftp

edit like this

# default: off

# description: The tftp server serves files using the trivial file transfer \

# protocol. The tftp protocol is often used to boot diskless \

# workstations, download configuration files to network-aware printers, \

# and to start the installation process for some operating systems.

service tftp

{

socket_type = dgram

protocol = udp

wait = yes

user = root

server = /usr/sbin/in.tftpd

server_args = -s /var/lib/tftpboot

disable = no

per_source = 11

cps = 100 2

flags = IPv4

=================================================

11 # service xinetd restart; chkconfig xinetd on

FOR KICK-START ADD the following line

Below like this

[root@network ~]# cat /var/lib/tftpboot/pxelinux.cfg/default

default vesamenu.c32

#prompt 1

timeout 600

display boot.msg

menu background splash.jpg

menu title Welcome to Red Hat Enterprise Linux 6.3!

menu color border 0 #ffffffff #00000000

menu color sel 7 #ffffffff #ff000000

menu color title 0 #ffffffff #00000000

menu color tabmsg 0 #ffffffff #00000000

menu color unsel 0 #ffffffff #00000000

menu color hotsel 0 #ff000000 #ffffffff

menu color hotkey 7 #ffffffff #ff000000

menu color scrollbar 0 #ffffffff #00000000

label linux

menu label ^Install or upgrade an existing system

menu default

kernel vmlinuz

append initrd=initrd.img network ks=ftp:/192.168.0.75/pub/REDHAT/ks.cfg <=== for a kick start.

label vesa

menu label Install system with ^basic video driver

kernel vmlinuz

append initrd=initrd.img xdriver=vesa nomodeset

label rescue

menu label ^Rescue installed system

kernel vmlinuz

append initrd=initrd.img rescue

label local

menu label Boot from ^local drive

localboot 0xffff

label memtest86

menu label ^Memory test

kernel memtest

append -

[root@network ~]#

CONFIGURE THE ks.cfg file like this

[root@network ~]# cat /var/ftp/pub/REDHAT/ks.cfg

#platform=x86, AMD64, or Intel EM64T

#version=DEVEL

# Firewall configuration

firewall --disabled

# Install OS instead of upgrade

install

# Use network installation

url --url="ftp://192.168.0.75/pub/REDHAT/"

# Root password

rootpw --iscrypted $1$CjDlI3aq$4p088wzspihZ2xZ0NZQzO/

# System authorization information

auth --useshadow --passalgo=sha512

# Use graphical install

graphical

firstboot --disable

# System keyboard

keyboard us

# System language

lang en_US

# SELinux configuration

selinux --disabled

# Installation logging level

logging --level=info

# System timezone

timezone Asia/Kolkata

# Network information

network --bootproto=dhcp --device=eth0 --onboot=on

# System bootloader configuration

bootloader --location=mbr

# Partition clearing information

clearpart --all

# Disk partitioning information

part / --fstype="ext4" --size=10240

part swap --fstype="swap" --size=2048

%packages

@kde-desktop

%end

[root@network ~]#

Save the kick-start config file in /var/ftp/pub/REDHAT/

#restart the vsftpd service.

#restart xinetd service.

12# cp -avr /usr/share/doc/dhcp-4.1.1/dhcpd.conf.sample /etc/dhcp/dhcpd.conf

13 # vim /etc/dhcp/dhcpd.conf

subnet 10.254.239.0 netmask 255.255.255.224 {

range 10.254.239.10 10.254.239.20;

option routers rtr-239-0-1.example.org, rtr-239-0-2.example.org;

}

# This declaration allows BOOTP clients to get dynamic addresses,

# which we don't really recommend.

subnet 192.168.0.0 netmask 255.255.255.0 {

range dynamic-bootp 192.168.0.58 192.168.0.59;

#option subnet-mask 255.255.255.0

filename "/pxelinux.0";

next-server 192.168.0.75;

option broadcast-address 10.254.239.31;

option routers rtr-239-32-1.example.org;

}

# A slightly different configuration for an internal subnet.

subnet 10.5.5.0 netmask 255.255.255.224 {

range 10.5.5.26 10.5.5.30;

option domain-name-servers ns1.internal.example.org;

option domain-name "internal.example.org";

option routers 10.5.5.1;

option broadcast-address 10.5.5.31;

default-lease-time 600;

max-lease-time 7200;

}

14 # edit like above this

15 # service dhcpd restart; chkconfig dhcpd on

17 # vim /etc/yum.repos.d/server.repo on

add ftp repo

[Server]

baseurl=ftp://192.168.0.75/pub/REDHAT

enabled=1

gpgcheck=0

18 # copy dvd in to pub/REDHAT dir

# cp -avr /mnt/* /var/ftp/pub/REDHAT/

19 # restart vsftpd service

thats its

blogs4linux.blogspot.com

Wednesday, May 15, 2013

SYSLOG SERVER SETUP ON RHEL 6.3

PXE BOOT SERVER WITH KICKSTART SERVER

Total Pageviews

my blogs