Blog

Splunk Cluster setup – 1: Setup Azure VM

Posted on August th, 2014 in Server Setup, Splunk, Virtual Server | 6 Comments

As a follow up to previous post on how to install and setup Linux Ubuntu under VMWare, I went ahead and created Azure VM as well. Once Azure VM is set up, the Splunk Cluster setup is identical.

For this instructions I would assume you have already set up Azure Subscription. If not, go ahead and create one month Free account with $200 to spend on Azure services.

Contents:


Read More

Splunk Cluster setup – 1: Prepare VMWare Virtual Machine

Posted on August st, 2014 in Server Setup, Splunk, Virtual Server | 4 Comments

Slowly gaining more experience with Splunk and realizing power of this unique app, I ventured into cluster setup for Splunk 6.1 as part of the current initiative for the client I’m working with.

Below is a quick step-by-step instructions set which I compiled mainly for myself as a documentation.

Contents:


Read More

Another server upgrade – Part 3

Posted on June th, 2011 in Server Setup | 0 Comments

After 3 hours of sleep, around 6am on Saturday, I came back to the office to fiddle around with server one more time. No matter what I did, ODR still thought that ODM is on the network, and I’ve decided to move to the Plan B.

Plan B was to export our current OD structure via Archiving, install new OS X server on MacMini and restore from there. Little I knew how corrupted LDAP was on the original server, after all ‘hard reboots’ throughout it’s lifetime.

By around 10am, I clearly understood that Plan C is my only solution – which was exporting users from original OD and re-importing them into brand new installation of OS X. The only positive from this approach was that our users would have to change their passwords upon initial login anyway, to comply with recent implementation of IT Sec Policy, so loosing user’s passwords was not a big deal.

By around 11:30, I had all my users imported and passwords reset, but one more hiccup was waiting for me…

Read More

Another server upgrade – Part 2

Posted on May th, 2011 in Server Setup | 0 Comments

And here comes magical day – Friday, May 20th. All planning is done, hopefully, and we are ready for servers’ upgrade, update and reconfiguration.

So first let’s see what we have, then we’ll see what we want, and then we will see what we get…

Our current setup is:

3 XServes and one VMWare OS X Server all working very hard and therefore one XServe, which acts as Open Directory Master (ODM), AFP, SMB, DNS, DHCP and Netboot server, works very hard every day and hangs ocasionally. During those ‘hangs’ “hard reset” is required, which does the number on the server. Single sign-on process is not working anymore and every time server ‘hangs’, since it’s running DHCP and DNS services, none of the users can access Internet. So back to set-up:

  • XServe 1 – Mac OS X 10.5 Server, AFP, DNS, DHCP, SMB, ODM
  • XServe 2 – Mac OS X 10.4 Server, AFP, FTP, Mail, Web and FileMaker Server
  • XServe 3 – Mac OS X 10.5 Server, AFP, ODR (Open Directory Replica)
  • VMWare Server – Mac OS X 10.5 Server,AFP, FileMaker Server

Now in order to free up XServe 1 and ensure it’s stability and no-impact on Internet, I’m bringing MacMini into the picture, running 10.6 OS X Server which will be DNS, DHCP and ODM. XServe 1 would then be AFP, SMB server – file server.

Plus, all servers, except VMWare server, will be running 10.6 Server software to increase performance of existing hardware and utilize latest Mac technologies.

Read More

OS X Server in VMWare – part 4

Posted on June th, 2009 in Server Setup, Virtual Server | 0 Comments

This will be forth article in the series of articles about Mac OS X Server 10.5 setup under VMWare.

I would leave FileMaker Server installation for another time. Right now I want to talk about following services on the server which will replace existing server. Here is the situation, just a reminder:

I have live server which hosts websites and FileMaker databases. It also runs AFP services for access to files internally and FTP service for external developers access to those files. Our registration websites are secure websites with proper CA signed certificates. This server, once virtualization project is complete, would become host server, which will not have any services running, well maybe AFP, and will have VMware hosting guest machines. One machine would be new server with registration websites and FileMaker databases with same FTP and AFP services running as well. My challenge is to swap services of current server with new virtual server with least impact, as those registration websites are live 365 days a year and updating every now and then.

So, I’ve setup bare 10.5.7 server, called it promorphius and it would become twin of prometheus, our existing server. Next steps would include:

Setup web server.

First I moved all files from prometheus web server folder to promorphius. I set up site under web service in Server Admin with exact same settings as existing, except for folder location, it’s on separate virtual drive. I then need to make sure that this site is secured and all HTTP requests are going to HTTPS.

As I already have signed certificate on prometheus, I would request Reissue of the certificate from our CA. Follow links provided by your provider to the step where they ask you for CSR (Certificate Signing Request). On that page you would have text field for the CSR. On the new server, I’ve created new certificate with same information as on existing server, but it becomes Self Signed. No worries, Save and select this certificate and click on little gear icon in Server Admin, choose “Generate Certificate Signing Request  (CSR)… ” and window with instruction would appear. Select image of certificate and drag it over text box on the CA’s website. It will be filled with some gibberish, that’s exactly what we need. Follow all neccesary remaining steps. Once you get your certificate select that text copy and select your Self Signed certificate from Server Admin and under little gear icon choose “Add Signed or Renewed Certificate from Certificate Authority…” paste the text in this area now. That’s it, your certificate is signed now!

Next in web server setup, we want to choose our newely signed certificate for our secure server. Under Web service, in Server Admin, choose Sites, select your site (remember, it suppose to use port 443) and under Security check box next to “Enable Secure Sockets Layer (SSL)” and select your signed certificate.

Now, we want to make sure that all requests to our HTTP forward to HTTPS. For that we would duplicate our web site, select port 80 instead of 443 and deselect SSL checkbox in security. We now need to do a little hack to setup these forwarding. Open Terminal, type in su type in root password, type in cd /private/etc/apache2/sites do ls to view your files, you will see some files like 0016_195.75.175.184_443_secure.example.com.conf type in pico 0002_10.1.1.11_443_secure.example.com.conf using your own file name. This will open basic text browser. Scroll down to area with:

RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^TRACE
RewriteRule .* - [F]

Edit this section to include:

RewriteRule ^/(.*)$ https://secure.example.com/$1 [R]

And either delete or comment out existing lines.
So final would look like this:

RewriteEngine On
##RewriteCond %{REQUEST_METHOD} ^TRACE
##RewriteRule .* - [F]
RewriteRule ^/(.*)$ https://secure.example.com/$1 [R]

$1 would insure that if somebody types in http://secure.example.com/sub/page.php they would be redirected to same subpage but HTTPS.

Now it’s time to check our server. Since we don’t want to change DNS settings for our domain as it will take up to 24hrs to propogate, we would use exisiting settings and swap IP addresses of old-real and new-virtual servers (you mapped both external and internal interfaces of your hardware to VMware, right? Instructions) Test your site, and everything should stay the same.

I’ve had issues with error messages on my php pages:

Warning: session_start() [function.session-start]: Cannot send session cache limiter – headers already sent

The reason for that is session_start() function in php file. Make sure it is at the very first line of the file.

Page 2 of 3123