How to Configure CTDB | Active Directory Integeration

Previous post i have shared the configuration steps to install Gluster,CTDB & CIFS/SAMBA. 

In this tutorial  i have shared one more step to integrate the Active Directory and CTDB samba share.

First we need to check AD server has to be reachable. then add host entry from both the server to initialised the communication between AD and samba servers.

# vi /etc/hosts

10.0.18.14       LDAPSERVER01.open.local  LDAPSERVER01

My host file

Prerequisites.

 # yum -y install samba-winbind samba-winbind-clients pam_krb5 krb5-libs

If the above required packages installed follow the steps to integeration between AD and CTDB.

Edit kerberos file to integrate the domain server. before edit backup the default configuration file.

# cp /etc/krb5.conf /etc/krb5.conf.old 

# vi /etc/krb5.conf

[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5.kdc.log
admin_server = FILE:/var/log/kadmin.log

[libdefaults]
default_realm = OPEN.LOCAL
dns_lookup_realm = false
dnslookup_kdc = false
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true

[realms]

open.local = { kdc = LDAPSERVER01.OPEN.LOCAL
admin_server = LDAPSERVER01.OPEN.LOCAL }

[domain_realm]

.open.local = OPEN.LOCAL

open.local = OPEN.LOCAL
 

Edit nsswitch.conf  to store authentication information add below lines 

# vi /etc/nsswitch.conf

passwd:     files winbind
shadow:     files winbind
group:        files winbind

Then needs to be edit the samba configuration file to access the samba share to authenticate over AD.

# vi /data/store01/lock/smb.conf

# See smb.conf.example for a more detailed config file or
# read the smb.conf manpage.
# Run 'testparm' to verify the config is correct after
# you modified it.
# See smb.conf.example for a more detailed config file or
# read the smb.conf manpage.
# Run 'testparm' to verify the config is correct after
# you modified it.
[global]
clustering = yes
idmap backend = tdb2
private dir = /data/store01/lock
netbios name = cluster-share
workgroup = OPEN
realm = open.local
security = ads
auth methods = winbind, sam
idmap uid = 100000-200000
idmap gid = 100000-200000
idmap config * : range = 16777216-33554431
template homedir = /home/%U
template shell =/bin/bash
winbind use default domain = yes
winbind offline logon =false
winbind enum users = yes
winbind enum groups = yes
log file =/var/log/samba/%m.log
max log size = 0
local master = no
nfs4:acedup = merge
nfs4:chown = yes
nfs4:mode = special
winbind separator = +
password server = 10.0.18.14

[ORACLE_FILES]
comment = Gluster and CTDB based share
path = /data/store01/share
read only = no
writeable = yes
guest ok = yes
browseable = yes
create mask = 0777
directory mask = 0777
#valid user = user01
[gluster-data1]
comment = For samba share of volume data1
vfs objects = glusterfs
glusterfs:volume = data1
glusterfs:logfile = /var/log/samba/glusterfs-data1.%M.log
glusterfs:loglevel = 7
path = /
read only = no
guest ok = yes

If you done with smb configuration to copy the file from both the server where the samba configuration located.

# cp /data/store01/lock/smb.conf /etc/smb.conf 

# systemctl stop winbind.service

# systemctl disable winbind.service

Every thing done restart the ctdb.service on both servers.

# systemctl restart ctdb.service

Join AD server to authenticate samba share using below command after executed give administrator password instant of ad server.

# net ads join -U administrator -S   LDAPSERVER01.open.local

Check users.

# wbinfo -u

//10.0.18.12  to access AD user and password.

CTDB & AD integration done.

# chmod 755 /tmp/myscript.sh

linux, Linux Box, Linux Desktop, Linux Distribution, Linux Distributions, Linux Distros, Linux Drivers, Linux for Newb's, Linux Geek, Linux Journal, Linux Machine, Linux News, Linux Operating System, Linux Server, Linux Servers, Linux Shell, Linux Tutorials, Linux Users, Linux Version, Linux Video,Linux Windows, Linux Wine, Little Bit, Localhost, Local Host Logging, Logic, Logs, Long Time, Netbook, Networking, Open Linux, Open Office, Open Source, Open Source Application, Open Source, Community, Open Source Developers, Open Source Software, Open Ssh, Operating System, Operating Systems, Optimization,

How To Configure Gluster, Samba, CTDB Integeration in Redhat 7.XX & CentOS 7.XX

Follow the tutorial to configure the HA file storage using GlusterFS to replicated the data between no of servers. CTDB used for highly available Samba share.

Prerequisties:

Two servers (physical or virtual) RHEL7 or CentOS7 started linux installation root partition size minimum 16GB leave maximum disk space for shared storage here i have used XFS filesystem everything will be fine.

Started the configuration from 2 servers. 

Server01 = Filestore01  -- 10.0.18.10

Server02 = Filestore02  -- 10.0.18.11

Here  i have started without DNS this case to avoid the dns check add entry for both hosts.

# echo "10.0.18.10 Filestore01" >> /etc/hosts

# echo "10.0.18.11 Filestore02" >> /etc/hosts

Filesystem Creation.

Here we have a balance parition to create a gluster environment disk.

If you have not created the parition follow the instruction to create a filesystem.

# fdisk /dev/sda

# mkfs.xfs /dev/sda1

Mount the newly created partition to following below steps.

# mkdir  -p /gluster/bricks/store01

# mount /dev/sda1 /gluster/bricks/store01

Mounted Successfully just add the fstab entry for permanent mount from boot time.

# echo "/dev/sda1 /gluster/bricks/store01 xfs default 0 0" >> /etc/fstab

Execute the same steps to mount the partition from server02

Start Gluster Setup

We have a filesystems to bring gluster to inegrate with mounted volume  /gluster/bricks/store01.

gluster have a multiple bricks. multiple servers can grouped together to provide a similar as RAID.

Following setup we have a two servers, both servers having replicated gluster volume i have disabled SELINUX and FIREWALLD for this setup.

Gluster Installation on both servers.

# cd /etc/yum.repos.d/

# wget http://download.gluster.org/pub/gluster/glusterfs/LATEST/EPEL.repo/glusterfs-epel.repo

# yum install glusterfs-server -y

# systemctl enable glusterd.service

# systemctl start  glusterd.service

Lets enable the communication between the servers.

# gluster peer probe filestore02

Create brick volume in our gluster setup, execute below command from both the servers.

# mkdir -p /gluster/bricks/store01/brick1

Now everything prepared to create a gluster volume to using below command on server1.

# gluster vol create store01 replica 2 Filestore01:/gluster/bricks/store01/brick1 Filestore02:/gluster/bricks/store01/brick1

After execution the command Gluster volume named store01 with 2 replicas if this command returns ok.

start the gluster volume.

# gluster vol start store01

Volume started check the status of volume.

# gluster vol info store01

Mounting

lets create a directory on both servers to mount the volume.

# mkdir /store/store01 -p

Ensure the glusterfs client tools are installed.

yum -y install glusterfs-fuse

Now lets mount the volume.

# mount -t glusterfs Filestore01:store01 /data/store01

Fstab entry to mount from boot.

# echo "Filestore01:store01 /data/store01 glusterfs defaults 0 0" >> /etc/fstab

Repeat same steps on Filestore2

# mount -t glusterfs Filestore2:store01 /data/store01

# echo "Filestore2:store01 /data/store01 glusterfs defaults 0 0" >> /etc/fstab

Test the gluster volume to create a files or directory from the server where mounted the disk and check the created files to access the files on both server.if you get the files to access Gluster setup is complete.

CTDB, SAMBA

Clustered tdb database management utility will present storage via cifs, also create a (Virtual IP)

after created will do integrate with the active directory server.

# yum install -y ctdb samba samba-common samba-winbind-clients

Backup default ctdb config file before changes.

# mv /etc/sysconfig/ctdb{,.old}

Create CTDB lock and create a shared are.

# mkdir /data/store01/lock

# mkdir /data/store01/share

Create a ctdb file from your favourite editor to add following lines.

vi /data/store01/lock/ctdb

CTDB_RECOVERY_LOCK=/data/store01/lock/lockfile
#CIFS only
CTDB_PUBLIC_ADDRESSES=/etc/ctdb/public_addresses
CTDB_MANAGES_SAMBA=yes
#CIFS only
CTDB_NODES=/etc/ctdb/nodes

Create symlink on both hosts.

# ln -s /data/store01/lock/ctdb /etc/sysconfig/ctdb

Stop samba service from boot from both nodes.

# systemctl stop smb.service

# systemctl disable smb.service

# systemctl enable ctdb.service

Create new VIP for load balancing  from both the nodes.

# vi /data/store01/lock/public_addresses

10.0.18.12/24 ens160

We need to create nodes which contains the IP addresses of all servers which will present the storage.

# vi /data/store01/lock/nodes

10.0.18.10

10.0.18.11

Create symlink for those files from both servers.

# ln -s /data/store01/lock/nodes   /etc/ctdb/nodes

# ln -s /data/store01/lock/public_addresses /etc/ctdb/public_addresses

Change the samba configuration file to enable clustering part to access samba shared storage.

Two kind of samba storage normal one and AD integeration

On server1

# cp /etc/samba/smb.conf   /data/store01/lock/smb.conf

Normal samba share.

# vi /data/store01/smb.conf

clustering = yes

idmap backend = tdb2

private dir = /data/store01/lock

[oracle_files] comment = Gluster and CTDB based share

path = /data/store01/share

readonly = no

guest ok = yes

valid users = user01

Completed with the above samba configuration copied to the exact location, on both hosts.

# cp /data/store01/lock/smb.conf /etc/samba/

Add user user01 on both hosts

# useradd user01

# smbpasswd -a user01

Configuration done start the ctdb services from both hosts.service started with out errors check the ctdb status.

# systemctl start ctdb.service

# ctdb status

In status both nodes get ok share will now accessible from windows pc any thing can access via SMB/CIFS

\\10.0.18.12\share

AD integration setup shared in next post.

 

SVN migration

How to migration the subversion repository to another server.

In this article shared the subversion (SVN) repository movement and complete migration

one server to another server  with revision and his history! follow the below steps to done.

Easy steps to achieved the SVN migration.

1.  Backup

2.  Create

3.  Import

Step 1: Backup

Dump your current repositories.

# svnadmin dump /path/to/repository > svn_repo_name.dump

Full dump with all the revisions when we take this its quite large to compare repository dump.

# svnadmin dump /home/svn > mysvn_repo.dump

Step 2: Create

Create an empty repository using following command.

# svnadmin create /path/to/repostitory

Step 3: Import

Copy dump file from old svn server to new server. then start the import process our old repository in to the new repository. using following command.

# svnadmin load /path/to/repository < svn_repo_name.dump

Tip:

Need existing settings we need to did with same UUID for the new repository as the old repository

before import using below command to load.

# svn admin load --force-uuid /home/svn/newsvn < mysvn_repo.dump

How to install SVN in CentOS 7.XX Redhat 7.XX

STEP BY STEP SVN INSTALLATION

Apache Subversion mostly used for software versioning and revision control system. and used to maintain the software files such as source code documents and developed web pages.

Here basic installation methods for subversion and user based access for directories.

# yum update -y

# yum install subversion mod_dav_svn -y

# yum install httpd -y

Remove welcome.conf  use below command as a root user.

# sed -i 's/^/#&g' /etc/httpd/conf.d/welcome.conf

# sed -i "s/Options Indexes FollowSymLinks/Options FollowSymLinks/" /etc/httpd/conf/httpd.conf

Add below lines in 10-subversion.conf.

vi /etc/httpd/conf.modules.d/10-subversion.conf

LoadModule dav_svn_module     modules/mod_dav_svn.so
LoadModule authz_svn_module   modules/mod_authz_svn.so
LoadModule dontdothat_module  modules/mod_dontdothat.so

<Location /svn>
DAV svn
SVNParentPath /home/svn
AuthName "SVN Repos"
AuthType Basic
AuthUserFile /etc/svn/svn-auth
AuthzSVNAccessFile /home/svn/pro1/conf/authz
Require valid-user
</Location>

Create a svn folder for example i have created in /home/svn.

# mkdir /hom/svn

# cd /home/svn/

Create svn repo using below command.

# svnadmin create /home/svn/pro1

Add svn privileged user using below command one more user you need to add, never use htpasswd -c use only m to add repo users.

# htpasswd -cm /etc/svn/svn-auth user1

# htpasswd -m /etc/svn/svn-auth user2

Change owner ship and set permission for svn-auth file.

# chown root:apache /etc/svn/svn-auth

# chmod 640 /etc/svn/svn-auth

Set user based directory access to edit authz file add line as per your directory repo level and save the file.

[groups]
admin=user1
pro1_user=user2

[/]
@admin=rw

[repo1:/trunk/software]
@pro1_user=rw

[repo1:/trunk/documents]
@pro1_user=r

# harry_and_sally = harry,sally
# harry_sally_and_joe = harry,sally,&joe

# [/foo/bar]

After saving the authz file restart the httpd service.

# systemctl start httpd.service

# systemctl enable httpd.service

How to install Postgresql & Pgagent CentOS 7.X.XX Redhat 7.X.XX

Prepare to install postgresql and agent to follow below required steps.

# yum install epel-release -y

# yum install postgresql -y

  

# cd /tmp/

# wget   wget https://ftp.postgresql.org/pub/pgadmin3/release/pgagent/pgAgent-3.3.0-Source.tar.gz

# yum install wxGTK.x86_64 wxGTK-devel.x86_64 cmake

# wget http://excellmedia.dl.sourceforge.net/project/wxwindows/2.8.12/wxWidgets-2.8.12.tar.gz

# tar -zxvf wxWidgets-2.8.12.tar.gz

# cd wxWidgets-2.8.12/

# ./configure --with-gtk --enable-gtk2 --enable-unicode

# make

# su -c "make install; /sbin/ldconfig"

# tar -zxvf pgAgent-3.3.0-Source.tar.gz

# cd pgAgent-3.3.0-Source/

# cmake -D PG_CONFIG_PATH:FILEPATH=/usr/bin/pg_config -D STATIC_BUILD:BOOL= OFF .

# make

# su -c "make install"

# vi /var/lib/pgsql/data/pg_hba.conf

line no 80 change peer to trust 

# systemctl restart postgresql.service

# cd pgAgent-3.3.0-Source/

# psql -U postgres -d postgres -f pgagent.sql

# su -c "echo '/usr/include/pgsql/server/lib' >> /etc/ld.so.conf.d/postgres.conf"

Create a startup file to enable when server boot.

# vi /etc/rc.d/init.d/pgagent

####################################################
#!/bin/bash
#
# /etc/rc.d/init.d/pgagent
#
# Manages the pgagent daemon
#
# chkconfig: - 65 35
# description: PgAgent PostgreSQL Job Service
# processname: pgagent
. /etc/init.d/functions


RETVAL=0
prog="PgAgent"

start() {
    echo -n $"Starting $prog: "
    daemon "/usr/local/bin/pgagent hostaddr=127.0.0.1 dbname=postgres user=postgres"
    RETVAL=$?
    echo
}
stop() {
    echo -n $"Stopping $prog: "
    killproc /usr/local/bin/pgagent
    RETVAL=$?
    echo
}

case "$1" in
  start)
    start
    ;;
  stop)
    stop
    ;;
  reload|restart)
    stop
    start
    RETVAL=$?
    ;;
  status)
    status /usr/local/bin/pgagent
    RETVAL=$?
    ;;
  *)
    echo $"Usage: $0 {start|stop|restart|reload|status}"
    exit 1
esac

exit $RETVAL
##########################################

# su -c "/sbin/service pgagent start"

# cd /etc/init.d/

# chmod 755 pgagent

# su -c "/sbin/service pgagent start"

# su -c "/sbin/chkconfig --level 345 pgagent on"