Using iptables, you can write network activity to a log file, that is, record which data is sent, where it goes and where it comes from.
Monitoring of Apache2 parameters in Zabbix
Install the necessary components:
sudo apt-get install curl
Activate the apache2 status module, which serves /server-status (it is usually enabled by default):
sudo a2enmod status
Open the configuration file of the module and specify the IP address of the zabbix server to allow it to view information about apache2 (if apache2 is on the local machine, then access is usually allowed by specifying local or 127.0.0.1):
sudo nano /etc/apache2/mods-enabled/status.conf
In the nano editor, CTRL+X is used to exit and y/n to save or discard changes. Example of specifying IP:
<Location /server-status>
    SetHandler server-status
    Require local
    Require ip 192.168.1.5
</Location>
Restart the web server to apply the changes:
sudo service apache2 restart
The information about apache2 is now available in the browser at http://HOST/server-status
Let’s move on to Zabbix. Create a folder for scripts if it does not exist:
mkdir /etc/zabbix/scripts/
chown root:zabbix -R /etc/zabbix/scripts/
chmod 750 /etc/zabbix/scripts/
In the zabbix server configuration file, we specify the path to this folder:
sudo nano /etc/zabbix/zabbix_server.conf
ExternalScripts=PATH
Now I will give the content of the script:
#!/bin/bash
# Usage: apache2-status.sh RESERVED METRIC URL
if [[ -z "$1" || -z "$2" || -z "$3" ]]; then
  exit 1
fi

##### PARAMETERS #####
RESERVED="$1"
METRIC="$2"
URL="$3"
STATSURL="${URL}?auto"
# Cache lifetime in seconds and cache file (predictable name in /tmp, derived from the URL)
CACHE_TTL="55"
CACHE_FILE="/tmp/zabbix.apache2.`echo ${URL} | md5sum | cut -d" " -f1`.cache"
EXEC_TIMEOUT="2"
NOW_TIME=`date '+%s'`

##### RUN #####
if [ -s "${CACHE_FILE}" ]; then
  CACHE_TIME=`stat -c"%Y" "${CACHE_FILE}"`
else
  CACHE_TIME=0
fi
DELTA_TIME=$((${NOW_TIME} - ${CACHE_TIME}))
# Refresh the cache when it is older than CACHE_TTL; if another run has just
# touched it, wait for that run to finish instead
if [ ${DELTA_TIME} -lt ${EXEC_TIMEOUT} ]; then
  sleep $((${EXEC_TIMEOUT} - ${DELTA_TIME}))
elif [ ${DELTA_TIME} -gt ${CACHE_TTL} ]; then
  echo "" >> "${CACHE_FILE}" # !!!
  # --insecure makes curl skip TLS certificate verification
  DATACACHE=`curl -sS --insecure --max-time ${EXEC_TIMEOUT} "${STATSURL}" 2>&1`
  echo "${DATACACHE}" > "${CACHE_FILE}" # !!!
  echo "URL=${URL}" >> "${CACHE_FILE}" # !!!
  chmod 640 "${CACHE_FILE}"
fi
# Print the requested metric from the cached status output
if [ "${METRIC}" = "accesses" ]; then
  cat "${CACHE_FILE}" | grep -i "accesses" | cut -d':' -f2 | head -n1
fi
if [ "${METRIC}" = "kbytes" ]; then
  cat "${CACHE_FILE}" | grep -i "kbytes" | cut -d':' -f2 | head -n1
fi
if [ "${METRIC}" = "cpuload" ]; then
  cat "${CACHE_FILE}" | grep -i "cpuload" | cut -d':' -f2 | head -n1
fi
if [ "${METRIC}" = "uptime" ]; then
  cat "${CACHE_FILE}" | grep -i "uptime" | cut -d':' -f2 | head -n1
fi
if [ "${METRIC}" = "avgreq" ]; then
  cat "${CACHE_FILE}" | grep -i "ReqPerSec" | cut -d':' -f2 | head -n1
fi
if [ "${METRIC}" = "avgreqbytes" ]; then
  cat "${CACHE_FILE}" | grep -i "BytesPerReq" | cut -d':' -f2 | head -n1
fi
if [ "${METRIC}" = "avgbytes" ]; then
  cat "${CACHE_FILE}" | grep -i "BytesPerSec" | cut -d':' -f2 | head -n1
fi
if [ "${METRIC}" = "busyworkers" ]; then
  cat "${CACHE_FILE}" | grep -i "BusyWorkers" | cut -d':' -f2 | head -n1
fi
if [ "${METRIC}" = "idleworkers" ]; then
  cat "${CACHE_FILE}" | grep -i "idleworkers" | cut -d':' -f2 | head -n1
fi
if [ "${METRIC}" = "totalslots" ]; then
  # One scoreboard character per worker slot
  cat "${CACHE_FILE}" | grep -i "Scoreboard" | cut -d':' -f2 | sed -e 's/ //g' | wc -c | awk '{print $1-1}'
fi
#
exit 0
Let’s make the script file executable:
chown root:zabbix /etc/zabbix/scripts/apache2-status.sh
chmod 550 /etc/zabbix/scripts/apache2-status.sh
Script validation example:
sudo -u zabbix /etc/zabbix/scripts/apache2-status.sh none accesses http://HOST/server-status
Open the zabbix agent configuration file in the editor:
sudo nano /etc/zabbix/zabbix_agentd.conf
And we will specify the following parameters:
UserParameter=apache2[*],/etc/zabbix/scripts/apache2-status.sh "none" "$1" "$2"
The number of apache2 processes and of connections to port 80 can be obtained with plain commands, without a script. For example, you can specify:
UserParameter=apache2.count_processes,ps aux | grep apache | wc -l
UserParameter=connections_on_80_port,netstat -na | grep :80 | wc -l
Restart the zabbix agent to apply the changes:
sudo /etc/init.d/zabbix-agent restart
Let’s check:
zabbix_get -s 127.0.0.1 -k "apache2[accesses,http://HOST/server-status]"
Now we will create a template and add data elements, an example of created data items:
apache2[KEY,http://HOST/server-status]
Exported ready template – apache2-status
We also need to add a macro to the monitored host:
Macro: {$APACHE_STATS_URL}
Value: http://HOST/server-status
Done.
The number of apache2 processes can be obtained from the Zabbix agent by creating on the Zabbix server a data element with a key:
proc.num[apache2]
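An added example, not part of the original post or its script: the first parameter of the apache2[*] item key reaches the script as METRIC, so this variant maps it through a fixed allowlist and matches the mod_status field name exactly instead of using grep -i. The function names and the sample status text are constructed for illustration.

```bash
#!/bin/bash
# Added example, not the post's script: allowlisted, exact-match lookup of one
# mod_status "?auto" field. The status text is read from stdin.

# Map the Zabbix item parameter to the exact field name; reject anything else.
metric_field() {
  case "$1" in
    accesses)    echo "Total Accesses" ;;
    kbytes)      echo "Total kBytes" ;;
    cpuload)     echo "CPULoad" ;;
    uptime)      echo "Uptime" ;;
    avgreq)      echo "ReqPerSec" ;;
    avgreqbytes) echo "BytesPerReq" ;;
    avgbytes)    echo "BytesPerSec" ;;
    busyworkers) echo "BusyWorkers" ;;
    idleworkers) echo "IdleWorkers" ;;
    totalslots)  echo "Scoreboard" ;;
    *)           return 1 ;;
  esac
}

# Print the value of metric $1. Returns 1 for an unknown metric and 2 when the
# field is missing or not numeric (for example a cached curl error message).
status_metric() {
  local field value
  field=$(metric_field "$1") || return 1
  value=$(awk -F': ' -v f="$field" '$1 == f { print $2; exit }')
  if [ "$1" = "totalslots" ]; then
    [ -n "$value" ] || return 2
    echo "${#value}"          # one scoreboard character per worker slot
    return 0
  fi
  case "$value" in
    ''|*[!0-9.eE+-]*) return 2 ;;
  esac
  echo "$value"
}

# Constructed sample of "?auto" output (abbreviated), for illustration only.
SAMPLE='ServerUptime: 1 day
Total Accesses: 1532
CPULoad: 1.2e-05
Uptime: 86400
BusyWorkers: 3
Scoreboard: _W__K_....'

printf '%s\n' "$SAMPLE" | status_metric uptime
```

In the sample, the ServerUptime line shows why the exact match matters: a substring search for "uptime" would return "1 day" from the first matching line.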
Installing MariaDB in Ubuntu
As a test, I will install MariaDB on Ubuntu 16.04.
First of all, let’s look at the required repository at https://downloads.mariadb.org/mariadb/repositories/
Instructions for adding them are there as well.
Updating the Linux kernel on Hetzner servers
It took one day to update the CentOS kernel on the server in Hetzner, which worked without rebooting for about 2 years.
I looked at various information about the system, the versions of the installed kernels and the running kernel:
lsb_release -a
uname -r
uname -a
cat /proc/version
sudo rpm -q kernel
ls /boot | grep vmlinuz
Updated kernel:
yum -y update
Rebooted the server using the link in cPanel https://example.com:2087/scripts/dialog?dialog=reboot
You can also use the command:
reboot
After rebooting, the server did not start, so I immediately made a request to technical support via https://robot.your-server.de.
Technical support responded within two minutes. As they reported, the server did not respond to keystrokes and showed a black screen; after a physical power-off and power-on, it started successfully.
Such things happen on reboot, so you need to be ready for anything.
On subsequent reboots, the hang no longer occurred.
Opening and analysis of files created with NetFlow
Here is an example of viewing statistics:
cat ft-v05.2015-05-01.000759+0300 | flow-stat -f 10 -S 3 | less
cat ft-v05.2015-05-01.000759+0300 | flow-stat -n -p -w -f 26 -S 2 | less
flow-cat ft-v05.2017-12-07.170236+0200 | flow-print | less
You can see the flow-stat tips by typing:
man flow-stat
I will give an example of exporting data to another format (for example, in csv, which can then be opened in windows by any convenient program):
flow-cat ft-v05.2015-05-01.000759+0300 | flow-export -f 2 | less
flow-cat ft-v05.2015-05-01.000759+0300 | flow-export -f 2 > csv.csv
You can display the list with the specified source address with the following command:
flowdumper -se '"192.168.0.1" eq $srcip' ft-v05.2015-06-17.175701+0300
Export the list only with the specified source address to a file, for example, with the following command:
flowdumper -se '"192.168.0.1" eq $srcip' ft-v05.2015-06-17.175701+0300 > file.txt
Example of exporting from multiple files:
flowdumper -se '"192.168.0.1" eq $srcip' /backup/flows/acct/first/2016/2016-01/ft-v05.2015-06-17* > /backup/result.txt
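An added example, not part of the original post: once flows are exported to CSV as shown above, a short script can rank source addresses by bytes sent, which is a quick way to spot the hosts responsible for unusual traffic volume. It assumes the CSV starts with a "#:" header line naming srcaddr and doctets columns; the function name and the sample rows (with a shortened header) are constructed for illustration.

```bash
#!/bin/bash
# Added example, not from the post: total bytes and flow count per source
# address, computed from the CSV written by "flow-export -f 2".

# top_sources N: read the CSV on stdin and print "srcaddr bytes flows" for the
# N sources that sent the most bytes. Column positions come from the header
# line (assumed to start with "#:" and to name srcaddr and doctets columns).
top_sources() {
  local rows
  rows=$(awk -F',' '
    NR == 1 {
      sub(/^#:/, "", $1)
      for (i = 1; i <= NF; i++) col[$i] = i
      s = col["srcaddr"]; d = col["doctets"]
      if (!s || !d) { bad = 1; exit }
      next
    }
    { bytes[$s] += $d; flows[$s]++ }
    END {
      if (bad) exit 2                 # header without the needed columns
      for (a in bytes) printf "%s %.0f %d\n", a, bytes[a], flows[a]
    }') || return 2
  [ -n "$rows" ] || return 0
  printf '%s\n' "$rows" | LC_ALL=C sort -k2,2nr -k1,1 | head -n "${1:-10}"
}

# Constructed sample with a shortened header, for illustration only.
SAMPLE_CSV='#:unix_secs,dpkts,doctets,srcaddr,dstaddr,srcport,dstport,prot
1430427600,10,5200,192.168.0.1,203.0.113.7,51514,443,6
1430427601,3,180,192.168.0.2,203.0.113.7,51515,53,17
1430427602,40,61000,192.168.0.1,198.51.100.9,51516,80,6
1430427603,8,900,192.168.0.3,203.0.113.7,51517,22,6'

printf '%s\n' "$SAMPLE_CSV" | top_sources 2
```

With a real export, pipe the file into the function, for example: top_sources 20 < csv.csv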
See also:
Installing and using flow-tools
Installing and using flow-tools
Flow-tools – a set of utilities for sending, collecting, processing, analyzing NetFlow data.
Install a collector that will receive statistics from sensors:
View information about RAM in Ubuntu
To view information about the installed RAM and information about the slots, you can use the following commands:
sudo dmidecode -t memory
sudo lshw -C memory
The amount of free and used RAM space can be viewed by running the command:
free
Refresh the output every second:
free -s 1
Display information in megabytes:
free -m
Installing DokuWiki
DokuWiki is a wiki engine for creating documentation.
As a test, I will install DokuWiki on Ubuntu Server.
Install the necessary components and activate the module Rewrite:
sudo apt-get install apache2 libapache2-mod-php php-xml
sudo a2enmod rewrite
Download the archive with the latest version of DokuWiki and unpack it:
cd /var/www/html
sudo wget https://download.dokuwiki.org/src/dokuwiki/dokuwiki-stable.tgz
sudo tar xvf dokuwiki-stable.tgz
sudo mv dokuwiki-*/ dokuwiki
Set the correct owner for all files (the user that Apache2 runs as):
sudo chown -R www-data:www-data /var/www/html/dokuwiki
Create a test web configuration file:
sudo nano /etc/apache2/sites-available/dokuwiki.conf
Add the following content to it (adjust it to your needs; DokuWiki requires AllowOverride All):
<VirtualHost *:80>
    DocumentRoot /var/www/html/dokuwiki
    <Directory /var/www/html/dokuwiki>
        Options -Indexes
        AllowOverride All
        Order allow,deny
        allow from all
    </Directory>
</VirtualHost>
We activate the web configuration and restart the web server:
sudo a2ensite dokuwiki sudo service apache2 reload
Open the installation page http://SERVER/dokuwiki/install.php in the browser and follow the directions.
After the successful installation, delete the installation file:
sudo rm /var/www/html/dokuwiki/install.php
If you want to send email messages from the server, you can install Postfix for example:
sudo apt-get install postfix
See also:
Installing and Configuring Postfix
Installing and Configuring the Apache2 Web Server
Solution to the error “Unable to lock the administration directory (/var/lib/dpkg/)”
I noticed an error when executing apt-get install and other apt-get commands:
Unable to lock the administration directory (/var/lib/dpkg/); is another process using it?
I noticed the error on my virtual test Ubuntu Server, on which I was making various changes via apt-get install when the power was lost, so the installation was not completed.
In my case, after the server was turned on, the installation continued in the background, and of course apt-get commands were not accepted. So the best way to resolve the error is to wait; the “top” command shows that the installation process is still running.
Also, if automatic updates are enabled, the system may be installing them; in this case it is also advisable to wait.
If there is no time to wait, then you can unlock the directory with the command:
sudo fuser -vki /var/lib/dpkg/lock
Solution of the error “Please run this cronjob as user amavis”
After installing updates on Ubuntu 14.04.1 LTS, an error with the text began to appear daily:
/etc/cron.daily/amavisd-new:
Please run this cronjob as user amavis
run-parts: /etc/cron.daily/amavisd-new exited with return code 1
The cause was the amavis update, which migrated the configuration file /etc/cron.daily/amavisd-new to /etc/cron.d/amavisd-new, and for some reason the old file was not deleted.
So the solution to this problem is to make sure that the configuration file /etc/cron.d/amavisd-new is present and to delete the old file /etc/cron.daily/amavisd-new.