Setting up an On-Premise instance of Amon

NewRelic no longer offers server monitoring for free accounts, so what are the alternatives when you’re on a skin-flint budget?

There are lots, but I’m not going to review any of them. Instead, I’ve been tasked with getting Amon running on a DigitalOcean droplet so that it might be appraised.

Amon can either be used as a SAAS, hosted by Amon themselves. Or it can be run “On-Premise” by cloning the git repo to your own server.

The On-Premise instructions didn’t work for me as-is on a fresh Ubuntu 16.04 server. So I present to you here the result of getting it going!

Assumptions:

  1. You know what you’re doing with Linux on a server.
  2. You can create your own VPS, or have dedicated hardware, that will only be used for server monitoring.
  3. MongoDB is installed from Mongo’s repo, not Ubuntu’s.
  4. Let’s Encrypt is used for the SSL certificate.
  5. The FQDN used for accessing the Amon instance matches the server’s full hostname (easy enough to change by altering FULL_HOSTNAME).
  6. Postfix is used on localhost as the MTA (alter the content of /etc/opt/amon/amon.yml if that’s not to be the case).

The following took the instructions of https://docs.amon.cx/onpremise/ and then extended/tweaked them to create a fully working server.

So the initial script I wrote turned out better suited to being a collection of scripts. And to keep them together, I’ve created a new GitHub repo to house them.

If you find it useful, great! If you would like to help make the installation provisioning system better, PRs are very welcome 🙂

https://github.com/bigcalm/amon-server

Upgrading Jenkins war file the quick and dirty way

The above bash script will download a given version of the jenkins.war file and symlink it into place before restarting the jenkins service.

Assumptions made:

  • The jenkins.war file is installed to /usr/share/jenkins
  • The server is using upstart for running services
  • User input is sane – there is no validation or sanitisation

Vagrant: sudo access and the hostsupdater plugin

Bringing up a vagrant machine is as easy as vagrant up.

If you’re a web developer, it would be nice if it were to add the private network IP address to /etc/hosts of the host machine. Thus giving you instant access to http://my-awesome-site.dev/

This doesn’t happen by default, but it is possible with the use of a plugin. The one I like to use is vagrant-hostsupdater.

Install thus:

When you bring up the vagrant machine, it will now automatically add the VM’s name to /etc/hosts.

As /etc/hosts is owned by root (and I hope you aren’t running everything as root), you have to provide sudo access to edit /etc/hosts.

Either you manually enter your sudo password every time you run vagrant up, or you can add some rules to sudoers.

This will work on Ubuntu type systems. Paths to sh and sed may be different on your own system.

Copy/paste the following into /etc/sudoers.d/vagrant and chmod the file to 0440

A similar system can be used if you want to make use of nfs for the file sharing with the VM.

Again, this works for Ubuntu systems, you mileage may vary.

Copy/paste the following into /etc/sudoers.d/vagrant and chmod the file to 0440

You will now be able to use nfs without having to enter your sudo password on each vagrant up and vagrant halt.
 

Basic set-up of a 3com 4500 managed network switch

I’m a PHP developer by trade with a strong Linux background. One thing that has been lacking from my skill set is how networking really works.

In an effort to rectify this, I bought myself a 2nd hand managed network switch from ebay. A 26 port (24 x 10/100mb + 2 x 1gb) “3com SuperStack 3 Switch 4500”.

Flashing lights and noisy fans, I feel like I’m headed in the right direction.

First things first – can I plug it into my router (with DHCP), have it get an IP address and log into the web interface?

No 🙁

Using nmap to sweep the subnet, that the router manages, returned no results for the known MAC address of the switch.

Even checking the router for connected devices didn’t list the known MAC address of the switch.

If I wasn’t getting into the system via the network, I would have to use the console port instead.

As I didn’t have a null modem cable to hand, and I don’t have an active machine with a d9 serial port, I grabbed something from Amazon: http://www.amazon.co.uk/gp/product/B00HUZ6OMQ (NB: does not work with this switch, keep reading)

As I’m a Linux user, I would be playing with /dev/ttyUSB0. And to use that, my user has to be in the dialout group:

Connecting to the serial console should be easy with:

Hooked up the cable, ran the command to bring up the serial interface and switched on the switch.

This, annoyingly vertical, video shows that something happens (watch the green block skit around in the black window) but no text appears: https://www.youtube.com/watch?v=sXVYtClNDYU

Every different program I tried (screen, minicom, putty) to connect to the device all resulted in the same output.

Thanks to fellow 3com switch owner Intrbiz, I have been able to borrow a known working cable.

Hooked up between the PC and switch, ran the byobu-screen command and turned on the switch – It lives!

Now that I have a way of talking to the switch, I can configure it in a way so that I don’t need the console cable (as much).

 

Factory reset (this requires the console cable):

We need to factory reset for the following reasons:

  • remove any unknown users
  • restore the admin password to the factory default
  • remove any network configuration set-up by the previous owners
  • set-up our own network configuration

Start a console session and power on or reboot the switch.

  • Hit ctrl+b when prompted. Be quick, you don’t get long.
  • Now in the boot menu, tell the switch to ignore the saved configuration for the next reboot (option 7).
  • Reboot the switch (option 0).

Let it boot normally and wait until something like this appears:

  • Hitting enter will log you in as the admin user.

  • Hit enter again to put your cursor on a new line, not at the end of the debug output line. Enter “save” to save the default configuration over the configuration that was written by the previous owner.

It’s now safe to reboot or power cycle the switch as much as you like and it’ll have the factory default settings.

 

Assign a static IP address to the network switch (this requires the console cable):

  • Ensure that the switch has booted and then connect to the console

  • Enter the system view

  • Switch to vlan 1

  • Set an IP address followed by netmask

  • Set the default route for the switch

  • Return to the user view

  • Save the configuration

 

Enable SSH login (this requires the console cable):

  • Ensure that the switch has booted and then connect to the console

  • Enter the system view

  • Create the public SSH key

  • Configure the authentication mode

  • Enable the SSH protocol for inbound connections

  • Exit the interface configuration and return to the system-view

  • Create a new user for our SSH connections

  • Set the user’s password

  • Give the user SSH access

  • Exit back to the system view

  • Allow the user to login via SSH using their password

  • Exit back to the user view

  • Save the configuration

  • Check that the SSH login works

 

Enable Web login (this can be done with the console cable or an SSH session to the switch):

  • Connect to the switch via the console
  • Change to the system view

  • Switch to the admin user

  • Configuration stuff

  • Return to the user view

  • Save the config changes

 

Reference

Firmware: https://h10145.www1.hp.com/downloads/SoftwareReleases.aspx?ProductNumber=JE045A

Enabling SSH logins: http://h30499.www3.hp.com/t5/Comware-Wireless-Unified-Series/How-To-Enable-SSH-In-3com-4500-Switch/td-p/2318357#.VXLVtd9jPRY

Fixing the web login: http://brittadams.com/blog/2014/08/25/unable-to-log-into-web-interface-3com-4500-switch/

Vagrant hostsupdater plugin without having to enter your sudo password

Vagrant – Great

Hosts Updater plugin – very handy

Having to enter your sudo password when the plugin edits your hosts file – really annoying.

I finally got around to addressing this on my dev system. Looking at the plugin source there are two sudo commands that we need to cater for. One to add hosts and one to remove.

Adding the following to my sudoers file worked a treat:

There are a couple of things to address when you add this to your own sudoers file:
1. Change ‘iain’ to your own user name
2. ‘sed’ might be running from a different path. You can find out by running: which sed

Multi-screen with Ubuntu Unity

This tweet has to have been the most popular thing I have ever said. At time of posting it has gained 80 retweets, 25 favourites and many replies/questions.

Work recently bought me a new workstation, so the 1st thing I always do is to dual boot with Ubuntu.

Some might consider me an edge case user. Though as a developer, I like a rather particular set-up. That is, 3 wide screen monitors with the central one rotated 90 degrees for my IDE.

This is something that Windows gets right without having to dig about installing things. While Linux distros have always struggled (in my experience).

Because my tweet gained quite a few questions, I thought it best to reply to them here for everybody to see.

@ankitvad asks what specs. I use for Ubuntu.
Titanium Rimless Glasses from Spex4Less.com
Couldn’t resist, sorry 🙂

Dell Alienware X51
CPU: i7
Memory: 8GB
Graphics card: nVidia GeForce GTX 660
Storage: 1TB HDD (Windows) 120GB SSD (Linux)
Mouse: Logictech M570 trackball
OSs: Window 7 SP1, Ubuntu 12.10 64bit
Monitors: 2 x 22″ Dell, 1 x 22″ LG

All 3 monitors are connected to the one graphics card. Two by DVI and one by HDMI.

As I said, this is a working system from a fresh install without updates being applied or any 3rd party packages installed. So the default graphics driver is doing quite well these days 🙂

The only downside to this is that the default graphics driver is dog slow and won’t let me play games on Steam 😉 The next step will be to get the nVidia binary driver working.

Chroot SFTP home dir

Example user ‘iain’