Installing ZXTM beyond ./zinstall

Posted: June 24th, 2009 under Tool, Tips and Tricks, Zeus ZXTM.

imageThis post is aimed at covering the stuff required to deploy ZXTMs that isn’t actually the ZXTM install itself. Tasks such as OS configuration, firewall, user accounts etc. If your a Linux admin you already know this stuff but you may find it useful as a checklist. 

This post relates to RHEL 5.x

After you install the OS

Set up user accounts

useradd username
passwd password

I create an account called remote that I can us to login via SSH.

Network

Set up networks to provide access to internet

For example here is my VM config ( /etc/sysconfig/network-scripts/ifcfg-eth0 file for eth0 network interface:)  use nano or vi to edit this as required. 

DEVICE=eth0
BOOTPROTO=static
BROADCAST=192.168.1.255
HWADDR=00:0F:EA:91:04:07
IPADDR=192.168.1.111
NETMASK=255.255.255.0
NETWORK=192.168.1.0
ONBOOT=yes
TYPE=Ethernet

Static routes:

You would put your default gateway in “/etc/sysconfig/network” using “GATEWAY=x.x.x.x”

You would typically add static routes into a startup file the system will read on boot e.g.

/etc/sysconfig/network-scripts/route-eth0

#Route Description

10.8.0.0/24 via 10.0.0.1 dev eth0

Once configured you can get the system to re-read the files as follows:

“service network restart” (redhat specific)

Or

“/etc/init.d/network restart” (Works with just about any Unix box)

 

RHEL 5 Registration

rhn_register

Follow onscreen dialogue to register RHEL – You obviously need to have purchased a subscription.

clip_image002

Install Java

yum install java

its that easy :)

clip_image004

clip_image006

General OS Update

To update RHEL simply type Yum update

ZXTM pre Install

This section assumes that you are doing the install remotely from Windows machine. You must have port 22 access through any firewalls between zxtm and remote console.

Download following utils

winscp http://winscp.net/eng/download.php

putty http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html

Use winscp to upload ZXTM.tar file to /home/remote

Use putty to SSH to host as remote

Then sudo to root

clip_image008

Untar the zxtm install file

Tar –zxf /home/remote/ZXTM_51r1_Linux-x86.tgz

This creates a folder called ZXTM_51r1_Linux-x86

Navigate to the folder it contains zinstall

Type ./zinstall

clip_image010

Once the install is completed you may need to configure the firewall (iptables) to allow access to the administration port.

RHEL Firewall

iptables – open ports required for administration

e.g. this command allows access to ZXTM default admin ports from 192.168.1.1

iptable –A INPUT –d 192.168.1.1 –p –tcp –m tcp –dport 9080:9090 –j ACCEPT

/etc/init.d/iptables save

List command allows inbound connections on 9090

iptables –A INPUT –p tcp –m tcp –dport 9090 –j ACCEPT

Obvious but if you are installing ZXTMs into existing platform consider the infrastructure such as firewalls and routers. You may require static routes on the ZXTM “internal” interfaces to route to you web servers. Other consideration is to make sure that the ZXTM interfaces can ping the gateway address set in the network configuration.

Useful ports to open on any firewall/s in related infrastructure. You may also need to configure iptable on zxtm hosts as well.

SNMP (161) – to infrastructure server (monitoring).

SSH (port 22) – between administrative console & infrastructure server (back up).

RADIUS (1812) – to Radius server if required

HTTP (80) – to all relevant servers via internal interface and to external to internet/network that the clients come from :)

HTTPS (443) – to all relevant servers via internal interface and if providing SSL passthru to external to internet/network that the clients come from :)   

DNS (53)

 

ZXTM specific OS

Areas of the OS to be familiar with from a ZXTM configuration perspective (assumes Redhat RHEL)

Zeus Install directory

/usr/local/zeus/zxtm/

Logs:

/usr/local/zeus/zxtm/log/

They include

errors – this is were log.info() output is logged

audit – Log shows security/change activity viewed via Diagnose/Audit Log

audit

Plus any logs that you have created for virtual servers (Activity/View Logs/Virtual Server Request Logging)

Extra Files

This is were extra files live such as IP white list or html assets that you want to have served by the ZXTM in the event of loss of connectivity to or outage of web servers.

/usr/local/zeus/zxtm/conf/extra

extrafiles 

Config Script

If you need to make changes to core ZXTM install the config script is located in

/usr/local/zeus/zxtm/

to execute type ./configure

configure 

Debugging

To view logs in real time for debugging

tail –f /usr/local/zeus/zxtm/log/errors

Hope this is useful :)

No Comments »

No comments yet.

RSS feed for comments on this post. TrackBack URL

Leave a comment