Model1 Environment :
Low level prototype client requirements
Application Details :
Application Name : NRTD FSTS2
Initial requirement :
Build POC (Proof of Concept) environment with basic setup
Mandatory Guidelines :
1) Everything should be built on VMs only. CentOS7 or Ubuntu16LTS. VMs should be based on KVM hypervisor. No other hypervisor (VMWare, Virtualbox) is allowed.
2) All VMs should be launched with below qcow2 image. (meta file for the qcow2 image is also given)
centos7-goldenimage-x8664-v2-280618.qcow2
centos7-goldenimage-x8664-v2-280618.meta
Above 2 files available at ncdftp@192.168.22.14:/home/ncdftp/vmimages
password for ncdftp user is ncodeit1234
Proposed environments Diagram :
Hypothetical Environment
Phase1 : Installation
Phase2 : Integration from one product to another
Phase3 : Code commit/build/deployment of the application to the Environment
Phase4 : Setup Monitoring
Phase5 : Generate Alerts & Reports
Phase1 : Installation
Pre-requisites :
2. $ yum update
3. $ yum install epel-release-7-11
Installations :
Create a new KVM based VM :
→ Open virt manager
$ virt-manager → Click on File → Select create new virtual machine → Select “import existing disk image” → Select qcow2 image from image directory → Select RAM as 2GB → Select Network selection “Select Bridge br0” → Select finish.
Customization VM of new user :
$ sudo yum -y install git
$ sudo mkdir -p /tmp/customscripts && cd /tmp/customscripts
$ sudo git clone https://github.com/ncdsys/ncdcustom.git
Installation of JDK :
$ sudo yum install -y java-1.8.0-openjdk-devel # Install java with particular version
$ source /etc/profile # To set an initial path
→ Along with jdk installation, run the following commands to create V2 of golden image
$ sudo yum install wget net-tools curl htop -y
$ sudo systemctl stop firewalld # To stop firewall
$ sudo systemctl disable firewalld # To disable firewall
→ To disable selinux permanently
$ sudo vi /etc/sysconfig/selinux
SELINUX=disabled
→ Save and Close.
Git Installation & Github Repo Creation:
Step 1 : Install git
$ yum install git-all-1.8.3.1-14.el7_5 # Install git with specific version
Step 2 : Github account creation
→ Create an account in github.com → Create a new Repository
Jenkins Installation :
→ Update yum repo to install latest stable version of Jenkins
$ sudo wget -O /etc/yum.repos.d/jenkins.repo https://pkg.jenkins.io/redhat-stable/jenkins.repo
$ sudo rpm --import https://pkg.jenkins.io/redhat-stable/jenkins.io.key
→ To install Jenkins:
$ yum install jenkins-2.121.1-1.1 # Install Jenkins with specific version
→ For accessing in browser :
https://localhost:8080 # Jenkins default port is 8080
Installation of Tomcat:
Step 1: Download Tomcat from original site.
$ wget http://www-eu.apache.org/dist/tomcat/tomcat-9/v9.0.10/bin/apache-tomcat-9.0.10.tar.gz
$ tar xvf apache-tomcat-9.0.10.tar.gz # Untar the downloaded file.
Step 2: Go to the apache directory
$ cd apache-tomcat-9.0.10
Step 3: Create soft link to the apache directory
$ ln -s apache-tomcat-9.0.10
Step 4: How to setup the JAVA_HOME and deploy war file
$ ./startup.sh or ./catalina.sh start # both are the same
Step 5: To know whether the program is running in the background or not
Step 6: Go to conf/tomcat-users.xml
→ add the below content
<role rolename="manager-gui"/>
<user username="ncodeit" password="ncodeit123" roles="manager-gui"/>
→ Save and Close
$ ./catalina.sh start # To start the Tomcat
→ To access in browser:
IP-Address:8080 # Default port for Tomcat is 8080
Installation of mariaDB:
Step 1: Check whether mariadb is installed or not
$ rpm -qa | grep mariadb
Step 2: Install mariadb and mariadb-server
$ yum install mariadb-5.5.56-2.el7.x86_64 mariadb-server
Step 3: Allow the MySQL traffic using firewalld in CentOS7
$ firewall-cmd --permanent --add-service=mysql
NOTE: If it executes successfully, it shows “Success”
Step 4: This command reloads the firewall rules and keeps state information
$ firewall-cmd --reload
Step 5: These commands are used to start, restart and stop MariaDB
$ systemctl start mariadb
$ systemctl restart mariadb
$ systemctl stop mariadb
Step 6: To enable MariaDB we use
$ systemctl enable mariadb
Step 7: To check the status of MariaDB
$ systemctl status mariadb
Step 8: This command improves MySQL installation security
$ mysql_secure_installation
→ Enter current password for root (enter for none): enter
→ Set root password? (Y/n) y
→ New password:
→ Re-enter new password:
(it shows a message like: password updated successfully, Reloading privilege tables, Success)
→ Remove anonymous users? (Y/n) → y
→ Disallow root login remotely? (Y/n) → Enter
→ Remove test database and access to it? (Y/n) → Enter
→ Reload privilege tables now? (Y/n) → Enter
NOTE: After completion of this mysql secure installation it shows a message like “Thanks for using MariaDB”
Step 9: Login to user
→ Enter password:
Installation of Prometheus :
Pre-requisites: Server, Nodes to monitor.
→ Execute Prometheus on Server:
Step 1: Download Prometheus
$ wget https://github.com/prometheus/prometheus/releases/download/v2.3.1/prometheus-2.3.1.linux-amd64.tar.gz # in central server
Step 2: Unzip the Prometheus tar file
$ tar xvf prometheus-2.3.1.linux-amd64.tar.gz
Step 3: Enter into the Prometheus directory
$ cd prometheus-2.3.1.linux-amd64
Step 4: Modify the prometheus.yml file as per our requirements
→ Find the below code
scrape_configs:
  # The job name is added as a label `job=<job_name>` to any timeseries scraped from this config.
  - job_name: 'job-name'
    scrape_interval: 5s
    # metrics_path defaults to '/metrics'
    # scheme defaults to 'http'.
    static_configs:
      - targets: ['localhost:9090']
→ Modify the above code as below
scrape_configs:
  # The job name is added as a label `job=<job_name>` to any timeseries scraped from this config.
  - job_name: 'prometheus' # Give any job name
    scrape_interval: 5s
    # metrics_path defaults to '/metrics'
    # scheme defaults to 'http'.
    static_configs:
      - targets: ['192.168.22.110:9090'] # Server-IP and default port is 9090
→ If we want to add the nodes to the Prometheus server use the below code
  - job_name: 'export_node'
    scrape_interval: 5s
    # metrics_path defaults to '/metrics'
    # scheme defaults to 'http'.
    static_configs:
      - targets: [required_number_of_nodes] # node ip of other system
→ Save and Close.
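The tarballs in these steps are unpacked straight after wget. The following is an added example, not part of the original page, that checks a download against a checksum list before extracting it; it assumes the list (for Prometheus, the sha256sums.txt file published with each release) has been downloaded into the same directory.

```shell
#!/bin/sh
# Added example, not from the original page: check a downloaded release
# tarball against a checksum list before unpacking it.
# Assumption: the list uses the "<sha256>  <filename>" layout that
# sha256sum writes (Prometheus publishes sha256sums.txt with each release).

# verify_release FILE SUMS -> 0 if FILE matches its entry in SUMS,
# 1 on mismatch, 2 if SUMS has no single entry for FILE (fail closed).
verify_release() {
  vr_file=$1
  vr_sums=$2
  vr_name=$(basename "$vr_file")
  # Select the line whose file field names this tarball ("*" marks binary mode).
  vr_line=$(awk -v n="$vr_name" '$2 == n || $2 == ("*" n)' "$vr_sums")
  vr_count=$(printf '%s' "$vr_line" | grep -c . || true)
  if [ "$vr_count" -ne 1 ]; then
    echo "no unique checksum entry for $vr_name" >&2
    return 2
  fi
  if (cd "$(dirname "$vr_file")" && printf '%s\n' "$vr_line" | sha256sum -c - >/dev/null 2>&1); then
    return 0
  fi
  echo "checksum mismatch for $vr_name" >&2
  return 1
}

# verified_extract FILE SUMS DESTDIR: unpack only after the check passes.
verified_extract() {
  verify_release "$1" "$2" || return $?
  mkdir -p "$3" && tar xzf "$1" -C "$3"
}

# Usage with the file names from this page (run in the download directory):
#   sh thisfile.sh prometheus-2.3.1.linux-amd64.tar.gz sha256sums.txt .
if [ "$#" -eq 3 ]; then verified_extract "$@"; fi
```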
Installation of Rundeck :
$ rpm -Uvh http://repo.rundeck.org/latest.rpm # Download yum repo
$ yum install rundeck-2.11.4 # Install rundeck with specific version
$ /etc/init.d/rundeckd start # To start rundeck
→ To make sure the service is running:
$ /etc/init.d/rundeckd status # To check rundeck status
$ netstat -anp | grep '4440\|4443' # To check the default port is listening or not
Step 1: Go to the Rundeck directory
Step 2: Modify the content in framework.properties file as per our requirements
$ vi framework.properties
→ Modify the content as below:
framework.server.name = <IP-Address>
framework.server.hostname = <IP-Address>
# default port
framework.server.port = 4440
framework.server.url = http://IP-Address
Step 3: Modify the content in rundeck-config.properties file as per our requirements
$ vi rundeck-config.properties
→ Modify the content as below:
grails.serverURL=http://<IP-Address>:4440
Step 4:
$ systemctl stop firewalld # To stop Firewall
$ systemctl disable firewalld # To disable Firewall
$ systemctl restart rundeckd # To restart Rundeck
Step 5: To Access in browser
→ IP-Address:4440
Username: admin
Password: admin
Ansible Installation :
Step 1: Install ansible
$ yum install ansible-2.4.2.0-2.el7
Step 2: check ansible version
Datadog Installation:
Pre-requisites:
1.Gmail Account
2.Centos box
Implementation Steps:
→ signup datadog using gmail account.
https://app.datadoghq.com/signup
Mail : ncodeitchrysalis@gmail.com
Password : ncodeit123
Name : nCodeIT
→ Click on agent Setup.
→ Choose CentOS/RedHat and click on finish at bottom right side of the page.
→ Copy the Installation steps in the below link and paste it in Centos Box.
https://app.datadoghq.com/signup/agent#centos
→ Click on “click here”
→ You will find the below steps
Step 1: Set up Datadog’s Yum repo on your system by creating /etc/yum.repos.d/datadog.repo with the contents:
$ sudo vi /etc/yum.repos.d/datadog.repo
[datadog]
name = Datadog, Inc.
baseurl = https://yum.datadoghq.com/stable/6/x86_64/
enabled=1
gpgcheck=1
gpgkey=https://datadoghq.com/DATADOG_RPM_KEY.public
Step 2: Update your local yum repo and install the Agent:
$ sudo yum remove datadog-agent-base
$ sudo yum install datadog-agent
Step 3: Alternatively, copy the example config into place and plug in your API key (e06ab1652232b79f80d4d30b16a98bc8):
$ sudo sh -c "sed 's/api_key:.*/api_key: e06ab1652232b79f80d4d30b16a98bc8/' /etc/datadog-agent/datadog.yaml.example > /etc/datadog-agent/datadog.yaml"
Step 4: Re-start the Agent on Centos box:
$ sudo systemctl restart datadog-agent.service
→ Start the datadog-agent service.
$ systemctl start datadog-agent
→ Select Dashboard from left side of the page, Click on New Dashboard.
→ Give a Dashboard name and choose New TimeBoard.
→ Select a Timeseries Graph.
→ At step 2 from current page (choose metrics and events).
→ At from option choose centos machine hostname.
→ Click on Save Option.
→ Again click on Dashboard Icon from leftside of the page and select Dashboard List.
→ Here you can check the system performance: Disk I/O, Networking and Overview.
Nexus Installation :
Step 1: Download the nexus-3.12.1-01 tar file from nexus official web site
$ sudo wget http://download.sonatype.com/nexus/3/latest-unix.tar.gz
→ Select latest-unix.tar.gz
Step 2: Copy the nexus file to the /usr/local directory
$ cp latest-unix.tar.gz /usr/local/
Step 3: Unzip and extract the tar file
$ sudo tar zxvf latest-unix.tar.gz
Step 4: Create a soft link for the nexus directory
$ sudo ln -s nexus-3.12.1-01 nexus
Step 5: Now add nexus user & make it owner of the directories
$ sudo chown -R nexus:nexus nexus
$ sudo chown -R nexus:nexus nexus-3.12.1-01
$ sudo chown -R nexus:nexus sonatype-work
Step 6: Add the user in the nexus.rc file & specify the IP in the nexus-default.properties file
$ cd /usr/local/nexus/bin/
$ sudo vi nexus.rc # run the application as nexus
run_as_user="nexus"
→ Save the file
$ sudo vi nexus-default.properties
application-port=8081
application-host=<IP_address of the SERVER>
nexus-context-path=/nexus
→ Save the file
Step 7: Go to bin directory and run the nexus
$ cd /usr/local/nexus/bin
Output : nexus started
Step 8: Stop Firewall and access in the browser
$ systemctl stop firewalld
→ To access nexus in browser
IP_Address:8081/nexus
Step 9: Login as default user and password
Username: admin
Password: admin123
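Several steps above stop or disable firewalld to make a service reachable, while the MariaDB steps keep it running and use firewall-cmd --permanent --add-service followed by --reload. The following added example (not part of the original page) applies that second pattern to the other services, using the default ports quoted on this page; the role names and the --source option of the script are made up for the example.

```shell
#!/bin/sh
# Added example, not from the original page: firewalld rules per service,
# as an alternative to "systemctl stop firewalld". Ports are the defaults
# quoted on this page; the role names are labels made up for this example.

# ports_for_role ROLE -> "PORT/tcp" or "service:NAME"; fails on unknown roles.
ports_for_role() {
  case "$1" in
    jenkins|tomcat) echo "8080/tcp" ;;
    mariadb)        echo "service:mysql" ;;
    prometheus)     echo "9090/tcp" ;;
    node_exporter)  echo "9100/tcp" ;;
    rundeck)        echo "4440/tcp" ;;
    nexus)          echo "8081/tcp" ;;
    *) echo "unknown role: $1" >&2; return 1 ;;
  esac
}

# fw_commands [--source ADDR] ROLE...
# Prints the firewall-cmd lines (dry run). With --source, each rule is a
# rich rule that accepts traffic from ADDR only.
fw_commands() {
  fw_src=""
  if [ "$1" = "--source" ]; then fw_src=$2; shift 2; fi
  # Validate every role first so no partial rule set is ever printed.
  for fw_role in "$@"; do
    ports_for_role "$fw_role" >/dev/null || return 1
  done
  for fw_role in "$@"; do
    fw_item=$(ports_for_role "$fw_role")
    case "$fw_item" in
      service:*) fw_plain="--add-service=${fw_item#service:}"
                 fw_match="service name=\"${fw_item#service:}\"" ;;
      *)         fw_plain="--add-port=$fw_item"
                 fw_match="port port=\"${fw_item%/*}\" protocol=\"${fw_item#*/}\"" ;;
    esac
    if [ -n "$fw_src" ]; then
      echo "firewall-cmd --permanent --add-rich-rule='rule family=\"ipv4\" source address=\"$fw_src\" $fw_match accept'"
    else
      echo "firewall-cmd --permanent $fw_plain"
    fi
  done
  echo "firewall-cmd --reload"
}

# Review the output, then apply it:  sh thisfile.sh nexus | sudo sh
if [ "$#" -gt 0 ]; then fw_commands "$@"; fi
```

For example, `fw_commands --source 192.168.22.139 node_exporter` prints a rule that lets only the PROD Prometheus server named on this page reach port 9100 on a node.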
Phase 2: Integration from One product to another
List Of Integrations :
git→ github:
$ git config --global user.name "Your name"
$ git config --global user.email "name@email.com"
$ mkdir devops-project # make a directory
$ touch index.html # create an empty file
$ git commit -m "First Commit"
$ git remote add origin <github-Repository-URL>
$ git push -u origin master
→ Here it will prompt username and password of github account
github→ jenkins:
→ Start the Jenkins on the server
$ systemctl start jenkins
→ Open Jenkins on browser
IP-Address:8080 # default port
username :ncodeit
password : ncodeit123
→ We get the jenkins homepage.
→ Select New item.
→ Give the Name of the project → Select Freestyle project → ok
→ Select the newly created project .
→ Choose newly created Project and then select configure from the left given options.
→ Under Source code management select Git.
→ Under Repositories give the Repository url of the github project url.
→ Under Credentials select add to configure the username and password for the repository.
→ Select the username and password (github account) given from the drop down list.
jenkins→nexus:
→ Start the nexus on the server
$ systemctl start nexus
→ Open Nexus on browser
IP-Address:8081 # default port
username/password : admin/admin123
→ After loading the dashboard click on settings on the top left corner
→ Choose Repositories
→ choose create repository
→ Select raw(hosted) from the list
→ Give the name of the Repository.
→ Choose the blob store to active
→ Then choose create repository
→ Install Nexus Plugin
→ Under Build select Nexus artifact uploader from the build step list
→ Choose Nexus on Nexus Version
→ Input Nexus url
On Nexus Server:
→ Login to nexus server
→ Choose settings from the top most corner
→ Select repositories from the left given options
→ Select the repository created
→ Copy the url of the repository created
→ Paste the url without http on the URL
→ Credentials (add) → add credentials of nexus (username and password)
→ Give Repository name as group id
Ansible→ All servers for server configuration:
$ ssh-keygen # Generate key
$ ssh-copy-id ncodeitadm@<IP of the Server> # Copy the generated ssh key to all the servers.
→ Add all the Server IPs in /etc/ansible/hosts file as All-servers.
→ To ping all the nodes
$ ansible All-servers -m ping
Ansible→ All tomcat instances for deployment of application:
$ ssh-keygen # Generate key
$ ssh-copy-id ncodeitadm@<IP of the Server> # Copy the generated ssh key to all the servers.
→ Add all the Server IPs in /etc/ansible/hosts file as Tomcat-servers.
→ To ping all the nodes
$ ansible Tomcat-servers -m ping
Tomcat→ mariadb:
Rundeck→ All VMs:
Step 1: Start rundeck and access in the browser
$ systemctl start rundeckd
→ Open Rundeck server in Browser
IP-Address:4440 # Default port for Rundeck is 4440
Username: admin
Password: admin
Step 2: Create the project
→ Select new-project from dashboard→Enter the project name → Create
Step 3: Set the password and Login as rundeck user
Step 4: Generating key as a rundeck user
Step 5: Copy the ssh key to all servers
$ ssh-copy-id username@ipaddress
Step 6: Add server details in resources.xml file
$ cd /var/rundeck/projects/"project-name"/etc
<node name="<IP-address>" description="Rundeck server node" tags="" hostname="<IP-address>" osArch="amd64" osFamily="unix" osName="Linux" osVersion="3.10.0-862.3.2.el7.x86_64" username="username"/>
→ Save the file.
NOTE: In same way add above code for remaining servers
Step 7: Restart the rundeck server and stop the firewall
$ systemctl restart rundeckd
$ systemctl stop firewalld
Step 8: Open Rundeck server in Browser
IP-Address:4440 # Default port for Rundeck is 4440
Username: admin
Password: admin
→ Click on Created Project
→ Click on Nodes tab.
Here you can see the integrated nodes.
Nagios→ All VMs & All NODES:
Datadog→ All VMs & ALL NODES:
→ Run the following code on all nodes and servers
$ ssh user@<Node-IP or Server-IP>
Username: ncodeitadm
Password: ncodeit123
→ Follow the below url to get the installation steps for datadog-agent
https://app.datadoghq.com/signup/agent#centos
Step 1: Set up Datadog’s Yum repo on your system by creating /etc/yum.repos.d/datadog.repo with the contents
$ sudo vi /etc/yum.repos.d/datadog.repo
[datadog]
name = Datadog, Inc.
baseurl = https://yum.datadoghq.com/stable/6/x86_64/
enabled=1
gpgcheck=1
gpgkey=https://yum.datadoghq.com/DATADOG_RPM_KEY.public
→ Save and Close.
Step 2: Update your local yum repo and install the Agent:
$ sudo yum remove datadog-agent-base
$ sudo yum install datadog-agent
Step 3: Copy the example config into place and plug in your API key
$ sudo sh -c "sed 's/api_key:.*/api_key: e06ab1652232b79f80d4d30b16a98bc8/' /etc/datadog-agent/datadog.yaml.example > /etc/datadog-agent/datadog.yaml"
Step 4: Re-start the Agent on Centos 7 :
$ sudo systemctl restart datadog-agent.service
→ Create a Dashboard
→ Select Timeseries Graph and add the hostnames of the servers and nodes.
Prometheus→ All VMs & ALL NODES:
Step 1: Go to Prometheus directory
$ cd /home/ncodeitadm/prometheus-2.3.1.linux-amd64
Step 2: Run the prometheus
Step 3: Access on the browser
Ip-address:9090(default port)
192.168.22.139:9090 (PROD server)
192.168.22.161:9090 (NON-PROD server)
Step 4: Go to Prometheus folder and add servers and nodes to the prometheus.yml file
$ cd /home/ncodeitadm/prometheus-2.3.1.linux-amd64
$ sudo vi prometheus.yml
  - job_name: 'prometheus-node-exporter-prod'
    static_configs:
      - targets: ['<NODE1-ip>:9100','<NODE2-ip>:9100',.....'<NODEn-ip>:9100','<SERVER1-ip>:9100','<SERVER2-ip>:9100',......,'<SERVERn-ip>:9100']
→Save the file
Step 5: Execute the prometheus
Step 6: Add the node-exporter to all the nodes and servers
$ ssh user@IP-Address
Username: ncodeitadm
password: ncodeit123
→ Download and run node_exporter :
Step 7: Create one directory
$ sudo wget https://github.com/prometheus/node_exporter/releases/download/v0.16.0/node_exporter-0.16.0.linux-amd64.tar.gz
Step 8: Unzip and untar the node-exporter file
$ sudo tar zxvf node_exporter-0.16.0.linux-amd64.tar.gz
Step 9: Go to prometheus node-exporter and run node-exporter
$ cd prometheus-2.3.1.linux-amd64
Step 10: Access the browser with node-exporter
IP-Address:9100 # default port of node-exporter
Step 11: Go to Prometheus main server and see the status of node-exporter ip
IP-Address:9090 #default port
192.168.22.139:9090 #PROD server
192.168.22.161:9090 #NON-PROD server
→ It shows the IP is up
→ Repeat step 6 to step 11 for all the nodes and servers and execute in prometheus main server (master)