Installing Zabbix Server on Centos6

Zabbix as stated on official website is an “enterprise-level software designed for monitoring availability and performance of IT infrastructure components”.
It’s handy if you need to monitor a handful of servers and supports most major linux distributions, Windows, VMware and Java Applications. It’s also fairly easy to setup and understand with a short learning curve offering many built in “scenarios” and fancy graphs. I personally prefer it over other similar solutions like Nagios.
So let’s go through installing and configuring. There are two options, you can either use the official guide where you’ll have to go through all the steps and manually setup things or use a fancy ansible script and do things automagically! We’ll use the ansible script to make our lives easier.
Ansible is an automation tool that is able to deploy and configure software on multiple hosts simultaneously. Comparing it to other similar tools (chef, puppet, etc.) i find it much easier to read, write and maintain, has a big set of premade scripts that are expanding all the time at ansible galaxy and is agentless. All you need is ssh access to your machines. So let’s go through installing ansible and running our playbook.
You can install ansible on any machine you’d like and we’ll run the playbooks from there. On Fedora you can install it through the official repos with

sudo yum install ansible -y

We’ll use a premade playbook that i’ve found on ansible galaxy that installs zabbix server and agent on a Centos 6 system with MySQL and apache. First fetch the playbook.

sudo ansible-galaxy install akamine.c6-zabbix

Then edit the default configuration here /etc/ansible/roles/akamine.c6-zabbix/defaults/main.yml and follow the below steps.

 mkdir zabbix-ansible
cd zabbix-ansible
vi hosts
vi zabbix.yml
ansible-playbook -i hosts zabbix.yml

On the hosts file you’ll put the hosts you wish the playbook to run.
An example is as follows


And on zabbix.yml

- hosts: all
  - akamine.c6-zabbix

When playing the book you should see it output what is doing similar to this:

akis@localhost ansible$ ansible-playbook -i zabbix.yml 

PLAY [all] ******************************************************************** 

GATHERING FACTS *************************************************************** 
ok: []

TASK: [akamine.c6-zabbix | install libselinux-python] ************************* 
changed: []

TASK: [akamine.c6-zabbix | install MySQL-python] ****************************** 
changed: []

TASK: [akamine.c6-zabbix | change selinux mode to permissive] ***************** 
changed: []

TASK: [akamine.c6-zabbix | disable iptables] ********************************** 
changed: []

TASK: [akamine.c6-zabbix | install ntp] *************************************** 
changed: []

TASK: [akamine.c6-zabbix | Start and enable ntp service] ********************** 
changed: []

TASK: [akamine.c6-zabbix | install epel repo rpm key] ************************* 
changed: []

TASK: [akamine.c6-zabbix | setup epel repo] *********************************** 
changed: []

TASK: [akamine.c6-zabbix | install htop] ************************************** 
changed: []

TASK: [akamine.c6-zabbix | install tmux] ************************************** 
changed: []

TASK: [akamine.c6-zabbix | install mysql server] ****************************** 
changed: []

TASK: [akamine.c6-zabbix | enable mysql server] ******************************* 
changed: []

TASK: [akamine.c6-zabbix | set innodb_buffer_size in /etc/my.cnf] ************* 
changed: []

TASK: [akamine.c6-zabbix | enable event_scheduler in /etc/my.cnf] ************* 
changed: []

TASK: [akamine.c6-zabbix | install zabbix rpm key] **************************** 
changed: []

TASK: [akamine.c6-zabbix | setup zabbix repo] ********************************* 
changed: []

TASK: [akamine.c6-zabbix | install zabbix-server-mysql] *********************** 
changed: []

TASK: [akamine.c6-zabbix | install zabbix-web-mysql] ************************** 
changed: []

TASK: [akamine.c6-zabbix | install zabbix-agent] ****************************** 
changed: []

TASK: [akamine.c6-zabbix | create database zabbix] **************************** 
changed: []

TASK: [akamine.c6-zabbix | ensure mysqld is running] ************************** 
ok: []

TASK: [akamine.c6-zabbix | initialize zabbix database] ************************ 
changed: [] => (item=schema.sql)
changed: [] => (item=images.sql)
changed: [] => (item=data.sql)

TASK: [akamine.c6-zabbix | copy sql scripts for database partitioning] ******** 
changed: [] => (item=alter_table_indexes.sql)
changed: [] => (item=stored_procedures.sql)
changed: [] => (item=event_schedule.sql)

TASK: [akamine.c6-zabbix | alter table indexes] ******************************* 
changed: []

TASK: [akamine.c6-zabbix | add stored procedures for partitioning] ************ 
changed: []

TASK: [akamine.c6-zabbix | add partitioning event to schedule] **************** 
changed: []

TASK: [akamine.c6-zabbix | create mysql user] ********************************* 
changed: []

TASK: [akamine.c6-zabbix | modify /etc/zabbix/zabbix_server.conf] ************* 
changed: []

TASK: [akamine.c6-zabbix | modify /etc/httpd/conf.d/zabbix.conf] ************** 
changed: []

TASK: [akamine.c6-zabbix | add e-mail sending script to /usr/lib/zabbix/alertscripts] *** 
changed: []

TASK: [akamine.c6-zabbix | enable httpd] ************************************** 
changed: []

TASK: [akamine.c6-zabbix | enable zabbix server] ****************************** 
changed: []

TASK: [akamine.c6-zabbix | enable and start zabbix agent] ********************* 
changed: []

NOTIFIED: [akamine.c6-zabbix | restart zabbix server] ************************* 
changed: []

NOTIFIED: [akamine.c6-zabbix | restart httpd] ********************************* 
changed: []

NOTIFIED: [akamine.c6-zabbix | restart mysqld] ******************************** 
changed: []

PLAY RECAP ********************************************************************    : ok=37   changed=35   unreachable=0    failed=0

Next all you need to do is login to your new zabbix server instance on with username Admin and pass zabbix.
Will go through configuring the server and installing agents in a later post.
Happy playing around with zabbix!

PS: Some quick notes..
The ansible playbook installs mysql-server with default options, meaning no root password.
You can go further editing the playbook adding these to zabbix-database-init.yml

- name: Update mysql root password for all root accounts
  mysql_user: name=root host={{ item }} password=huhu
  with_items: [ '{{ ansible_hostname }}', '', '::1', 'localhost' ]

- name: Delete anonymous mysql user
  mysql_user: user="" host={{ item }} state=absent
  with_items: [ '{{ ansible_hostname }}', 'localhost' ]

- name: Remove test database
  mysql_db: db=test state=absent

This will setup a password for root account and remove test database.
I’ll probably do a fork of the repo and add some bits and pieces to it and update this post but for the time being this should do.

#alternative, #centos, #linux, #monitor, #monitoring, #nagios, #server, #zabbix

Enabling automatic updates on Centos6.

First install package yum-cron.

sudo yum -y install yum-cron

Then edit /etc/sysconfig/yum-cron if needed. The options are self-explanatory.
Finally to start the service and enable it to auto start on boot issue the following commands.

sudo service yum cron-start
sudo chkconfig yum-cron on

Updates will be run daily.

#centos, #linux, #updates

Vmware ESXi NAT Networking

The case: You have multiple virtual machines that you don’t want to expose directly to the internet and you prefer routing them through a single virtual machine. This is also handy if you are short on IPs. Our case is OVH specific and it will give you a guide on how to set things up on OVH weird network topology. Reason why we use ipcop instead of pfsense is because pfsense doesn’t support a 32bit net mask. No matter what i’ve tried i could get it to work with a 32 bit netmask and gateway on separate network. So IpCop was the next best thing and it does the job quite well.

ESXi Configuration:

Login to your Vsphere client and go to Configuration -> Networking.

On Network Access select “Create a vSphere standard switch” without select any vmnic .

Proceed to Connection Settings and name your new nic under “Network Label” . “Vlan ID” select None.

Proceed on creating a new VM including both NICs the one that you just created and the one that connects you to the outside world.

Then move on with standard installation of IPcop. Keep in mind that your RED network will be the one connecting outside and the GREEN one will be your internal nat network. If you are not sure of the network settings while installing proceed and will edit network config later on anyways.

After installation login to the machine and now let’s edit the files needed for proper networking under OVH routers.

vi /var/ipcop/ethernet/settings

DEFAULT_GATEWAY=Dedicated Server IP but end in .254
GREEN_1_MAC=Your Virtual Mac Address
RED_1_MAC=Your Virtual Mac Address

vi /etc/rc.d/rc.event.local

route add Dedicated Server IP but end in .254 dev wan-1
route add default gw Dedicated Server IP but end in .254

Reboot and you are done! You can now login to the web interface under

#esxi, #ipcop, #nat, #ovh, #pfsense, #virtual-machine, #vmware-2

Bash: Script to monitor hard disk health and send an e-mail on error.

Here is a simple script to test for reallocated sector count and report through mail if it finds any.
Reallocated sectors means your disk has sectors where it can’t read/write thus it uses a reserved space to reallocate those sectors.
In general reallocated sectors are bad news for your disk and you should consider a backup and send to warranty.
The script reads the smart value and reports. It should be self explanatory to use it just type ./ nameofthehost. Afterwards set a cron to run daily.
Credits to Thorsten Rhau for the base script.

# This script checks the health of disks

#Define a friendly name for this machine

#Location to temporary store the error log
#Set default for not sendig mails

# Disks to check

# Setting up path

# variable containing all needed commands
needed_commands="smartctl awk mail"

# Checking if all needed programs are available on system
for command in $needed_commands
  if ! hash "$command" > /dev/null 2>&1
    echo "$command not found on system" 1>&2
    exit 1

# Checking disk
for disk in $disks
  # Creating a array with results
  declare -a status=(`smartctl -a -d ata $disk | awk '/Reallocated_Sector_Ct/ || /Seek_Error_Rate/ { print $2" "$NF }'`)
  # Checking that we do not have any Reallocated Sectors
  if [ "${status[1]}" -ne 0 ]
    echo "$mname Warning: Disk $disk has errors! ${status[0]} ${status[1]} ${status[2]} ${status[3]}. Following complete smartctl output." >> diskerror.log
    smartctl -a -d ata $disk >> $logloc/diskerror.log
    failed=("${failed[@]}" "$disk")

#Send an e-mail if needed containing the failed diks (fdisks) info.
if [ $sendm == 1 ]; then
  mail -s "$mname Disks $fdisks are about to fail." user@localhost < $logloc/diskerror.log
  rm -rf $logloc/diskerror.log

#bash-2, #disk, #hard-disk, #health, #mail-2, #s-m-a-r-t, #script, #sda, #smart, #smartctl

Bash: A very basic folder and MySQL bash backup script.

Here is a basic bash script to backup a folder and a MySQL database.

#Backup script for www and mysql.

DATE=`date +%-Y%-m%-d`

# The function to actually do the backup.
function dobackup {
	echo "Starting backup for" $user
	echo "Backing up" $backup_source
	tar -cvzPf $backup_path$DATE-$user.tar.gz $backup_source
	echo "Backing up MySQL database.."
	mysqldump --user=$user --password=$password --host=$host $db_name > $backup_path/$db_name-$date.sql
	gzip $backup_path/$db_name-$date.sql
	echo "Backup done"

# Script should be run with arguement dobackup if we want to backup or delete if we want to delete todays backup.
if [ $1 = "dobackup" ] ; then
elif [ $1 = "delete" ] ; then
	rm -f $backup_path$DATE-$user.tar.gz
  	echo "Deleted old backup"

Then we crontab this accordingly.

Alternatively you could add something like this to delete files older than 2 days on the backup path.

#Delete files older than 2 days
find $backup_path/* -mtime +2 -exec rm {} \;

#backup, #bash-2, #mysql, #script

Virtualbox: Kernel driver not installed (rc=-1908) CentOS/Fedora

Virtualbox Error

Virtualbox Error

This happens after a kernel update. Just install the following meta-package and reboot.


sudo yum install kmod-VirtualBox.x86_64

or for 32bit

sudo yum install kmod-VirtualBox.i686

#1908, #centos, #error, #fedora, #kernel-driver, #virtualbox, #virtualization

Migrating Subversion (SVN) to Git

We decided to move from a local subversion we were using to git using Bitbucket. Why moving from svn to git is a matter of taste imho. Whatever suits you best, there would definitely be pros and cons for each. We did it cause the programmers seemed to like working with git and we didn’t want to maintain an svn ourselves.  Bitbucket vs Github is all about the cost, in the end they are both git. In our case Bitbucket was cheaper since we are a small group of developers with large amount of repos, so the pricing of Bitbucket (per developer) is just right for us.

Bitbucket offers migration through their webpage but that was no option for us because we needed our commit history intact. So we were off for alternatives. Also our svn was pretty old so we had to do some extra steps before migrating. So let’s go through them.

Step 1

Install svn to a local machine.

sudo yum install mod_dav_svn subversion

For the rest you can follow this guide up to the point of creating a testrepo. Instead of creating testrepo we are going to take our own repos from the remote svn and put them in /var/www/svn.

Step 2
On the remote server.

tar -zcvf svnbackup.tar.gz /var/www/svn

Then get this to your local svn and extract accordingly.

Step 3

Give proper user rights

chown -R apache.apache *
chcon -R -t httpd_sys_rw_content_t /var/www/svn/*

And then goto your backuped svn folders and perform and svnadmin upgrade like this

 svnadmin upgrade /var/www/svn/myproject 

Step 4

Get a list of the authors so our commits get linked to them. Using this trick.

svn log --quiet http://localhost/svn/myproject \
| grep '^r' | awk '{print $3}' | sort | uniq > authors.txt

Step 5

Now the rest is simple using this guide.

git svn clone http://localhost/svn/svn.myrepo/ -A authors.txt my_repo
git init --bare my_bare_repo
cd my_bare_repo
git symbolic-ref HEAD refs/heads/trunk
cd ../my_repo
git remote add bare ../my_bare_repo
git config remote.bare.push 'refs/remotes/*:refs/heads/*'
git push bare
cd ../my_bare_repo
git branch -m git-svn master
git remote add origin
git push origin master

Bumps and how you can manage them!

    1. After git svn clone you end up with this error
fatal: refs/remotes/trunk: not a valid SHA1
update-ref HEAD refs/remotes/trunk: command returned error: 128

In most cases the below should do the job. Else do a git branch -a see your remotes and set master to follow one of them.

 git update-ref refs/heads/master refs/remotes/git-svn 

#bitbucket, #git-2, #github, #migration, #svn-2

Joomla: 500 internal server error on administrator panel.

The solution is rather simple.
You need to set the right permissions for log , cache, tmp and administrator/cache.
So goto your joomla root dir and

chmod 755 log cache tmp administrator/cache

Also make sure the file ownerships are correct.

chown -R myuser myjoomladir

And last to get rid of “500 – An error has occurred” while logging to the admin read the error_log which should be like this

[16-Nov-2013 10:00:37 Europe/Athens] PHP Warning:  fopen(/home/myuser/www/logs/error.php) [<a href='function.fopen'>function.fopen</a>]: failed to open stream: Permission denied in /home/myuser/www/libraries/joomla/log/loggers/formattedtext.php on line 248

Meaning you have to

chmod 777 /home/myuser/www/logs/error.php

Also one last thing to keep in mind is you need to have the correct path for log and tmp at your configuration.php file. Something like that.

 public $log_path = '/home/myuser/public_html/logs';
 public $tmp_path = '/home/myuser/public_html/tmp';

All set!

Otenet outgoing smtp server blacklisted ( and how to fix it.

If you use an email client for sending emails the default outgoing smtp server for otenet is according to this.

From what i’ve figured out this acts as a gate that sends you to one of the smtp servers of Otenet.
The thing here is that Otenet smtp servers tend to get blacklisted every now and then and there is nothing you can do about it. The mails would bounce back from the server following this error.

This is the mail system at host
I’m sorry to have to inform you that your message could not
be delivered to one or more recipients. It’s attached below.
For further assistance, please send mail to postmaster.
If you do so, please include this problem report. You can
delete your own text from the attached returned message.
The mail system

<>: host []
said: 554 5.7.1 Service unavailable; Client host [] blocked
using; Blocked – see (in reply to RCPT TO command)

What this informative yet unhelpfull error message says is that which resolves to is blacklisted by spamcop. What you can do is tell spamcop that this is not a smap through their page but even if you do you still have to wait for them to approve etc which in best case takes some hours.

So the alternative is to use directly one of the smtp servers of Otenet and not going through the mailgate.
To do so you can use any of these 4 ips making sure that they are not blacklisted.

You can check their blacklist status here .

Joomla: Increase max upload size limit

Joomla uses it’s own php.ini for the administration panel. So although we had change our values in the root php.ini the upload_max_filesize remained at 8M.

To increase that we need to edit the php.ini located under the administrator dir and add those two lines

upload_max_filesize = 50M
post_max_size = 50M

Also have a look at your Media Manager Component configuration and increase the limit accordingly.
All done.

#file-limit, #joomla-2, #max-upload-size, #php-ini