Zabbix is an open-source monitoring software tool for diverse IT components, including networks, servers, virtual machines (VMs), and cloud services. Zabbix is able to monitor a lot of things, also provides a single pane of glass view of your whole IT infrastructure.

Configure the Zabbix repository.

yum install -y centos-release-scl

Install the Zabbix repository configuration package.

rpm -Uvh https://repo.zabbix.com/zabbix/5.0/rhel/7/x86_64/zabbix-release-5.0-1.el7.noarch.rpm

Install Zabbix Server.

yum install -y zabbix-web-mysql-scl zabbix-apache-conf-scl zabbix-server-mysql zabbix-agent --enablerepo=zabbix-frontend

Change timezone.

vi /etc/opt/rh/rh-php72/php-fpm.d/zabbix.conf
php_value[date.timezone] = America/Vancouver

Install MySQL or MariaDB.

yum install -y mariadb-server mariadb

Start mariadb service.

systemctl start mariadb
systemctl status mariadb

Login to MariaDB and create the database and user for our Zabbix installation.

mysql -u root -p

Create a database with information eblow.

DBName:zabbixdb
DBUser: zabbixuser
DBPassword:123456

MariaDB [(none)]> create database zabbixdb character set utf8 collate utf8_bin;
MariaDB [(none)]> grant all privileges on zabbixdb.* to zabbixuser@localhost identified by '123456';
MariaDB [(none)]> flush privileges;
MariaDB [(none)]> exit

Import initial schema and database.

cd /usr/share/doc/zabbix-server-mysql*/
zcat create.sql.gz | mysql -u zabbixuser -p zabbixdb

Update Database Configuration

Edit the zabbix_server.conf file.

DBHost=localhost
DBName=zabbixdb
DBUser=zabbixuser
DBPassword=123456

Restart Zabbix service.

systemctl restart zabbix-server zabbix-agent httpd rh-php72-php-fpm

Enable the service to start automatically on system reboot.

systemctl enable zabbix-server zabbix-agent httpd rh-php72-php-fpm

Disable SELinux.

sudo setenforce 0

Allow Zabbix services on Firewall.

firewall-cmd --permanent --add-port=10050/tcp
firewall-cmd --permanent --add-port=10051/tcp
firewall-cmd --permanent --add-port=80/tcp
firewall-cmd –reload

Setup Zabbix via a web interface.

http://10.0.0.134/zabbix/

Enter zabbixdb, zabbixuser and password.

Zabbix Dashboard.

Username: Admin (Username is case sensitive.)

Password: zabbix

Zabbix Dashboard.

netstat -antp | grep "LISTEN"

Install HTTPS web certificate on the Zabbix web interface.

Install mod security.

yum install mod_ssl -y

Copy web server certificate (used wildcard cert *.linuxlab.local) to Zabbix server.

Edit ssl.conf file.

vi /etc/httpd/conf.d/ssl.conf
#SSLCertificateFile /etc/pki/tls/certs/localhost.crt
SSLCertificateFile /etc/pki/tls/certs/wildcard.crt
#SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
SSLCertificateKeyFile /etc/pki/tls/certs/wildcard-cert.key
#SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt
SSLCertificateChainFile /etc/pki/CA/certs/ourCA.crt

Restart Apache web service.

systemctl restart httpd
systemctl status httpd

Allow HTTPS on Firewall.

firewall-cmd --permanent --add-service=https
firewall-cmd --reload

Access Zabbix server from Windows machine.

https://zabbix.linuxlab.local/zabbix/

Redirect HTTP to HTTPS on Apache by using .htaccess file.

cd /etc/httpd/conf.modules.d/
cat 00-base.conf | grep rewrite

cd /usr/share/zabbix/
touch .htaccess
vi .htaccess
###---
RewriteEngine On
RewriteCond %{HTTPS}  !=on
#RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
RewriteRule ^/?(.*) https://zabbix.linuxlab.local/$1 [R,L]

Access Zabbix via HTTP. It will redirect the link to HTTPS.

Ceph is an open-source distributed software solution. It is designed to serve block, file, and object workloads for a cluster system. There are a lot of advantages when using Ceph. Ceph supports distributed object storage on multiple cluster nodes, provides redundancy between cluster nodes and is able to scale out cluster storage nodes with Ceph.

Ceph is able to run on commodity hardware without vendor lock-in. Moreover, Ceph is also a unified storage infrastructure that supports storage clusters that may grow or shrink and allows to add and remove hardware while the Ceph cluster is online.

This lab below is used to deploy three Proxmox nodes on the Ceph clsuter.

Add a new second hard drive on Proxmox1, Proxmox2, and Proxmox3 nodes.

Install Ceph cluster on node 1.

Create an OSD on Proxmox node 1, node 2 and node 3.

Create Ceph Pool on Ceph storage.

Create a new Linux VM on Ceph.

Add this machine to the HA Ceph.

Hard turn off the Proxmox node1.

Linux VM has been migrated to Proxmox node2 with a couple of minutes of downtime.

Doing live migration the VM2 on Proxmox node 2 to node 3.

It is interesting to see there is no downtime when doing live migration VM2 on Proxmox node 2 to node 3 in the Ceph cluster.

Below is a lab to create a Proxmox cluster.

Node1: pve01.linuxlab.local – 192.168.5.19

Node2: proxmox02.linuxlab.local – 192.168.5.21

Node3: proxmox03.linuxlab.local – 192.168.5.22

Step #1 Check hostname, date and /etc/hosts

192.168.5.19 pve01.linuxlab.local pve01
192.168.5.21 pve02.linuxlab.local pve02
192.168.5.22 pve03.linuxlab.local pve03

ping pve01
ping pve02
ping pve03

Creating Cluster via Proxmox GUI interface.

Click on Datacenter | Cluster | Create Cluster

Click on Copy information.

Install a LinuxMint VM on Proxmox node 3.

Proxmox Virtual Environment is an open-source server virtualization management solution based on QEMU/KVM and LXC. It is an affordable virtualization solution for small businesses

Create a new Linux VM on Virtualbox to install Proxmox. Click the link below to download Proxmox VE 7.1 ISO Installer, then mount the iso to the VM to install Proxmox.

https://www.proxmox.com/en/downloads/category/iso-images-pve

To enable “Nested VT-x/AMD-V” function on Proxmox, open a terminal console and type the command below.

VBoxManage -nologo list vms
vboxmanage modifyvm "Virtual machine name of Proxmox" –nested-hw-virt on
vboxmanage modifyvm "proxmox1" --nested-hw-virt on
vboxmanage modifyvm "proxmox2" --nested-hw-virt on
vboxmanage modifyvm "proxmox3" --nested-hw-virt on

After installing Proxmox, open any web browser (such as Firefox on LinuxMint), access Proxmox web management interface (https://IPaddressofProxmox:8006).

Upload source installation such as LinuxMint, Windows OS iso files to install Linux and MS Windows VMs.

Create and install a Linux machine on Proxmox server.

LinuxMint VM can ping google.ca.

Below is a workaround solution to fix VirtualBox issue is running in MacOS Monterey.

Open Terminal.

sudo nano /Applications/VirtualBox.app/Contents/Resources/VirtualBoxVM.app/Contents/Info.plist 

Changed the following parameter from true to false: <key>NSHighResolutionCapable</key>     <false/>

Saved the file, reopen VirtualBox. We can see typing keyword in Virtualbox VM is faster than before.

It is capable to provide 433 Mbps speed on 5GHz with a dual USB adapter by using this adapter.

Install TP-Link AC600 Archer T2U Nano on LinuxMint.

sudo apt install dkms git build-essential libelf-dev linux-headers-$(uname -r)
# Cloning into 'rtl8812au'
git clone https://github.com/aircrack-ng/rtl8812au.git
cd rtl8812au/
sudo make dkms_install

Unplug the TP-Link Archer T2U Plus adapter and plug it in again. The LED will start to blink. Verify the driver has been installed successfully.

sudo dkms status

Then setup your new wireless USB adapter device.

OCS stands for Open Computers and Software Inventory Next Generation. This is an open-source assets management and deployment solution.

Below is a couple of steps to install OCS inventory.

Prerequisites

yum install -y epel-release yum-utils vim wget

wget https://rpms.remirepo.net/enterprise/remi-release-7.rpm --no-check-certificate

wget https://rpm.ocsinventory-ng.org/ocsinventory-release-latest.el7.ocs.noarch.rpm --no-check-certificate

yum install -y ocsinventory-release-latest.el7.ocs.noarch.rpm remi-release-7.rpm

yum-config-manager --enable remi && yum-config-manager --enable remi-php73

Create a .repo file so that MariaDB can be installed.

vim /etc/yum.repos.d/MariaDB.repo

Install the whole bunch of applications and extensions that are required to run OCS

yum install -y httpd MariaDB-client MariaDB-server perl-Archive-Zip perl-Compress-Zlib perl-DBD-MySQL perl-DBI perl-Mojolicious perl-Net-IP perl-Plack perl-SOAP-Lite perl-Switch perl-XML-Entities perl-XML-Simple php php-cli php-common php-curl php-domxml php-gd php-imap php-intl php-ldap php-mbstring php-mcrypt php-mysql php-mysqlnd php-opcache php-pdo php-pear-CAS php-pecl-apcu php-pecl-zip php-simplexml php-soap php-sodium php-xmlrpc php-zip

yum update && yum upgrade

Install OCS Inventory.

yum install -y ocsinventory

Configure the MariaDB database.

systemctl enable mariadb
systemctl start mariadb

Secure MySQL.

mysql_secure_installation

Create a new an ocsweb database and assign permissions for user ocs/ocs.

mysql -u root -p
MariaDB [(none)]> create database ocsweb;
CREATE USER 'ocs'@'localhost' IDENTIFIED BY 'ocs';
GRANT ALL PRIVILEGES ON ocsweb. * TO 'ocs'@'localhost' IDENTIFIED BY 'ocs';
flush privileges;
exit;

Allow HTTP and HTTPS on Firewall.

firewall-cmd --permanent --add-service=http
firewall-cmd --permanent --add-service=https
firewall-cmd –reload
firewall-cmd --list-services

Configure the MariaDB database.

systemctl enable mariadb && systemctl start mariadb

Setup OCS user/password on OCS configuration/

# Name of database
PerlSetEnv OCS_DB_NAME ocsweb
PerlSetEnv OCS_DB_LOCAL ocsweb
# User allowed to connect to database
PerlSetEnv OCS_DB_USER ocs
# Password for user
PerlSetVar OCS_DB_PWD ocs

Enables and restarts Apache Web Service.

systemctl enable httpd && systemctl start httpd

Enter user/password is admin/admin to log on.

Rename the “install.php” file in the “OCSReports” directory.

mv /usr/share/ocsinventory-reports/ocsreports/install.php /usr/share/ocsinventory-reports/ocsreports/install.php.bak

Create a logon script OCSinventory.bat

@echo off
\\dc1.cisalab.local\shared\OCS-Windows-Agent-2.9.0.0_x64\OCS-Windows-Agent-Setup-x64.exe /S /SERVER=http://10.0.0.13/ocsinventory

Create a new GPO and link the script to the domain level.

Restart Windows 10 domain-joined machine.

OCS inventory agent has been automatically installed on this machine.

Check TCP connection from Windows 10 machine to OCS Inventory server.

Get-NetTcpConnection -RemoteAddress 10.0.0.13

Create a CentOS 7 VPS.

Update your system & disable SELinux

Start the installation by updating system packages to the latest release.

#sudo yum -y update

Next, disable SELinux in CentOS

edit /etc/selinux/config file and run a command setenforce 0 to disable SELinux in CentOS.

Reboot Linux VPS server.

Add the OpenProject Repository

Next is to add OpenProject Repository by executing the below commands in your terminal.

# sudo yum -y install wget # sudo wget -O /etc/yum.repos.d/openproject.repo https://dl.packager.io/srv/opf/openproject/dev/installer/el/7.repo

Install OpenProject on CentOS 7

Run the commands below to install OpenProject on CentOS 7 # sudo yum -y install openproject

Run the command below to configure OpenProject

#sudo openproject configure Select “Install a new PostgreSQL server and database locally”

Select “Install Apache2 server”

Choose Sendmail application as the default send email service on CentOS.

Enter admin email to be used for access and notifications.

Choose to install Memcache server.

The installation was failed because the issue below

Run the command below to generate a self-signed certificate for OpenProject. # sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/certs/openproject.cisa2380.tk.key -out /etc/ssl/certs/openproject.cisa2380.tk.crt

# mkdir /etc/ssl/private/

# cp /etc/ssl/certs/openproject.cisa2380.tk.key /etc/ssl/private/

Run the command below to complete the installation

#sudo openproject reconfigure

Allow port 80 and 443 on the CentOS firewall.

After finishing OpenProject installation, log into OpenProject with default user/password is admin/admin.

Install certbot on OpenProject.

Restart Apache web service.

# cat /etc/httpd/conf.d/openproject.conf

Log into the OpenProject and see the interface will be redirected to HTTPS.

This tutorial describes how to install Zimbra Collaboration Suite Open Source Edition on a CentOS/RHEL 7 VPS server.

Step 1: Create both A and MX records for Zimbra Mail Server. Create both A and MX records on the VPS to point to your Zimbra mail server

Step 2: Install System Packages for Zimbra

Login as a root account to install the following packages below:

# yum -y install unzip net-tools sysstat openssh-clients perl-core libaio nmap-ncat libstdc++.so.6

Next, disable SELinux in CentOS. Edit /etc/selinux/config file and run a command setenforce 0 to disable SELinux in CentOS

Install wget package:

# yum install wget

Set hostname on Zimbra host. # hostnamectl set-hostname mail

Disable unwanted services. Postfix mail service has already been installed and run on CentOS. We need to disable and remove the postfix service before installing Zimbra.

# systemctl stop postfix

# systemctl disable postfix

# yum remove postfix

Step 3: Install Zimbra Collaboration Suite Open Source Edition # wget https://files.zimbra.com/downloads/8.8.15_GA/zcs-8.8.15_GA_3869.RHEL7_64.20190918004220.tgz

After the download completes, use unzip command to extract the archive

# tar xfz zcs-8.8.15_GA_3953.RHEL8_64.20200629025823.tgz

# cd zcs-8.8.15_GA_3953.RHEL8_64.20200629025823/ # ls

Run the command install.sh to install Zimbra. After a series of system checks, click y in continue installation

# ./install.sh

Next, the installation process will prompt a couple of questions that we need to choose to configure Zimbra properly.

Finally, it will start the Zimbra installation process. The system will be modified.  Continue? [N] y

Allow Zimbra services on Linux Firewall.

Step 4: Zimba Initial Configuration. After the installation finishes, access the Zimbra administration page via a link https://mail.cisa2380.tk:7071 or https://172.105.5.143:7071

Step 5: Create 500 Zimbra test users:

#su – zimbra

$cd /opt/mail/backup

$touch usercreation.sh

$nano usercreation.sh

[zimbra@mail backup]$ more usercreation.sh

#!/bin/bash

# Generate user list

#cd /var/tmp

x=1

while [ $x -lt 501 ] do

echo “ca demo$x@cisa2380.tk ‘@zimbra@password’ cn ‘Demo User${x}’ givenName ‘Demo’ zimbraPrefFromDisplay ‘Demo User${x}'” >> userlist.zmp

x=`expr $x + 1` done

# run the script ./usercreation.sh

Next, use the command below to create 500 Zimbra users from the userlist.zmp file $zmprov -f userlist.zmp

List down all Zimbra accounts with zmprov command $zmprov -l gaa

Checking on Zimbra Administration.

Step 6: Evaluate Zimbra performance by simulating concurrent Zimbra user’s login.

—-

[root@li1978-114 tmp]# cat usersimulate.sh

#!/bin/bash

# Simulate user login

# x start from 1 and end with 500

#x=1

for x in {1..500}

do

    curl -v -k ‘https://mail.cisa2380.tk/’ -H ‘Cookie: ZM_TEST=true’ –data ‘loginOp=login&username=demo$x@cisa2380.tk&password=@zimbrapassword’

    sleep 1s done

—-