IONOS Enterprise Cloud – Data Center Designer – Introduction

With the Enterprise Cloud, you receive a modern IaaS platform for cloud computing—highly available, secure, reliable, and with fast software defined networking. This means you receive precisely the virtual IT infrastructure that your company actually needs. The drag and drop feature in our Data Centre Designer allows you to put together the resources for your customised virtual data centre, without any rigid, prefab packages.

Our live vertical scaling gives you the option of flexibly adding new capacities and components to your virtual infrastructure – at any time, on short notice, and without rebooting the system! This is what makes the Enterprise Cloud by 1&1 IONOS one of the most attractive corporate cloud solutions available anywhere on the market.

Please follow and like us:

How to Install and Configure WordPress on CentOS 7

Introduction

WordPress is a free and open source blogging platform or content management system based on PHP and MySQL. Currently WordPress is the most popular CMS all over the world, and has 20000 plus plugins to extend its functionality.You can easily create a simple website, blog or complex portals and enterprise websites using WordPress.

WordPress provides lots of features. Some of them are listed below:

  • WordPress is available in more than 70 languages. So you can build a website in a language as your choice.
  • You can easily manage your content, schedule, look and publication using WordPress, and also secure your posts and content with a password.
  • WordPress comes with thousands of themes for you to create a beautiful website. You can also upload your own theme with the click of a button.
  • With the importers feature you can easily import your blog from another website to WordPress.
  • WordPress provides search engine optimization out of the box, and also provides many SEO plugins.

In this tutorial, we will discuss how to install and configure WordPress on a CentOS 7 server.

Requirements

  • A server running CentOS 7.
  • A non-root user with sudo privilege setup on your server.

Getting Started

Update your system with the latest package versions by running the following command:

sudo yum update -y

Once your system is up-to-date, you can proceed to the next step.

Installing LAMP

Before installing WordPress itself, you will need to install the LAMP stack and other required packages on your server.

You can install all the necessary packages with the following command:

sudo yum install httpd mariadb mariadb-server php php-common php-mysql php-gd php-xml php-mbstring php-mcrypt php-xmlrpc unzip wget -y

Once installation is complete, start the Apache and MariaDB services and enable them to start at boot with the following commands:

sudo systemctl start httpd
sudo systemctl start mariadb
sudo systemctl enable httpd
sudo systemctl enable mariadb

Configuring MariaDB for WordPress

By default MariaDB is not secured, so you will need to secure it first. You can do this by running mysql_secure_installation script:

sudo mysql_secure_installation

Answer all the questions as shown below:

Set root password? [Y/n] n
Remove anonymous users? [Y/n] y
Disallow root login remotely? [Y/n] y
Remove test database and access to it? [Y/n] y
Reload privilege tables now? [Y/n] y

Once you have finished, login to MariaDB console with the following command:

mysql -u root -p

Enter your MariaDB root password and hit Enter. After login, create a database for WordPress:

MariaDB [(none)]>CREATE DATABASE wordpress;
MariaDB [(none)]>GRANT ALL PRIVILEGES on wordpress.* to 'user'@'localhost' identified by 'password';
MariaDB [(none)]>FLUSH PRIVILEGES;
MariaDB [(none)]>exit

Installing and Configuring WordPress

You can download the latest version of the WordPress source from the official website. You can get the latest version of WordPress by running the following command:

wget http://wordpress.org/latest.tar.gz

Once download is finished, extract the downloaded file with the following command:

tar -xzvf latest.tar.gz

Next, move the extracted files to the Apache web root directory:

sudo cp -avr wordpress/* /var/www/html/
restorecon -r /var/www/html

Next, create a directory for WordPress to store uploaded files:

sudo mkdir /var/www/html/wp-content/uploads

Next, assign proper ownership and permissions to your WordPress files and folders:

sudo chown -R apache:apache /var/www/html/
sudo chmod -R 755 /var/www/html/

Next, you will need to make some changes in the WordPress main configuration file, so it can be connected with the database and user.

First, rename and edit the WordPress main configuration file:

cd /var/www/html/
sudo mv wp-config-sample.php wp-config.php
sudo nano wp-config.php

Change the DB_NAME, DB_USER, and DB_PASSWORD variables as shown below:

define('DB_NAME', 'wordpress');
define('DB_USER', 'user');
define('DB_PASSWORD', 'password');

Save and close the file when you are finished.

Accessing WordPress Web Installation Wizard

Before starting, you will need to allow access to the Apache ports using firewalld.

You can do this by running the following command:

sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd --reload

Next, open your web browser and type the URL http://your-server-ip. You should see the following page:

WordPress language selection

Select language as per your need and click on Continue button, you should see the following page:

WordPress site info page

Fill out all the required site information and click on Install WordPress button. You should see the WordPress default dashboard as below:

WordPress dashboard page

Once installation is completed, you can login WordPress by typing the URL http://your-server-ip/wp-login.php? on your web browser. You should see the WordPress login page as below:

WordPress login page

Next, provide username and the password which you have created earlier and click on Log In button, you should see the following page:

WordPress dashboard

Summary

Congratulations! You have successfully installed WordPress on CentOS 7. I hope you have now enough knowledge to host your own WordPress blog easily. Feel free to comment below if you have any questions.

Please follow and like us:

Avoiding Cloud Vendor Lock-in

Always ask before entering into any contract, “How do I get my data out in the future if I need or want to?”

Cloud vendor lock-in is typically a situation which a customer using a product or service cannot easily transition to a competitor. Lock-ins are usually the result of proprietary technologies that are incompatible with those of its competitors and it can also be caused by inefficient processes or constraints among other things.  I’ve seen many customers come up against this in the past with traditional data centers where their storage vendor or hyper-visor solutions locked those customers into fixed solutions which inhibit the customer to be agile in moving to new technologies. The cloud albeit public or private can be no different when it comes to using lock-in techniques for retaining its user base.

Fear of Lock-in

Cloud lock-in is often cited as the major obstacle to cloud service adoption. there are a number of reasons why a company may look to migrate to the cloud, most often its all about reducing the physical infrastructure that they have in their data centers, cloud gives them the agility their look for, additionally reducing not only the CAPEX but also the OPEX required for the ongoing maintenance of the systems.

There’s also the question of how they should migrate to the cloud , the complexities of the migration process may mean that the customer stays with their provider which could also mean there’s a compromise in that their current provider doesn’t meet all their needs and limits the agility of their IT and value it provides to the business. 

In some cases during the migration to another provider it may be required to move the data and services back to the original on-premises location which in itself may be an issue as the original architecture may no longer be available or the data center is now reduced in resource availability and prohibits such an action. Further more the data may of been changed to allow its operation on a particular cloud vendors platform and would need to be altered again to run on an alternative cloud platform. 

Cloud vendor lock-in

Its only natural that cloud vendors want to lock you in after all they’re there to make money and need you to stay with them, they work at ways to keep you using their services and try to ensure that migrations are not an easy task. their customers often don’t know the impact until they try to migrate and can be devastating when it happens. Due to these challenges migration services from third party vendors are becoming a common occurrence and turning into lucrative business.

Taking the leap

Most companies I’ve talked to recently have similar experiences when looking to migrate from their current cloud vendors, the majority were unhappy with the perceived costs of using cloud infrastructure after all cloud was suppose to be cheap but the ROI was taking longer than first anticipated. The cloud vendors support services were a close second due to the lack of any personal experience offered from their vendor, i guess there’s only a number of times that “Take a look at this FAQ” is going to help.

One of the other major problem with cloud vendors is that you typically need to over allocate already inflated resources to the services you are providing as cloud resources are most of the time shared with other users of their services. its a bit like a house share, the last thing you need is someone hogging the bathroom.

PaaS services were also another reason, whilst PaaS is great in reducing the OPEX of the underlying infrastructure and application or database services it does start to get expensive with large number of API gateway calls which if unplanned for can be a bit of a surprise when you get your invoice, add to that one clouds PaaS may not be inter-operable with another so some type of data cleaning is going to be needed.

GDPR (there I’ve said it) was another reason which raised its head especially if the vendor was US based then the C.L.O.U.D. Act comes into effect.

https://docs.house.gov/billsthisweek/20180319/BILLS-115SAHR1625-RCP115-66.pdf#page=2201

If your using a US based provider then your data is no longer private as is can be handed over to the US government if they deem any suspect need to, oh and hosting in a different region outside of the US doesn’t help either so using a Irish region will not allow you to escape the act. The last time I check the big 3 public clouds are all US owned but if you believe that this may not effect you then you don’t need to look too far to see it in action, I’m sure we all remember Cambridge Analytica and the Facebook debacle that company had to hand over its data and now no longer exists! Taking up a hybrid cloud approach and using a dedicated European provider with multiple region support will help avoid this.   

One company that I spoke to had a concerning case in that their cloud vendor had no export facility for the data and had challenges on how to cleanly extract the data, this challenge was compounded even more as the tax man also called in an audit on their accounts during the migration phase and had to take a hit on a penalty as the accounts were not available at the time of the audit. The whole process was painful and time consuming and they surely learnt a lot from the experience.

And the moral of the story is …..

Ask the important questions, “How is the data securely stored?”, “Who has access to my data”, “How is my data protected?”, “Do I need to modify my data so the cloud vendor can store it?” and most importantly “How do I get my data out in the future if I need and want to?” In most cases getting your data out is going to cost you but knowing that’s its possible is half the battle. if your new provider has tools to make it easier for you then that’s even better.

And lastly

Be aware of the existence of the CLOUD Act and its potential implications for your business.
Adopt a hybrid cloud strategy, which clearly defines which data can be stored in public cloud services, and what should be stored in data centers operated by European managed service operators.
If you have large amounts of customer data, and would like to alert them if you do get a request to hand over personal data under the CLOUD Act, you might want to consider adding a warrant canary clause on your website.

Please follow and like us:

Comparing Public Cloud Performance – Part Three – GCP

In the first series on this post I looked at Azure VMs and provided a comparison with IONOS Enterprise Cloud, in the second part we looked at AWS, this final post of the series will look at comparing Google Cloud Platform (GCP).

As a bit of background in case you haven’t read the first or second parts yet, I’ve been working with the major cloud vendors for some years now and for me performance has always been a key factor when choosing the right platform, I’ve always struggled in finding the right balance of cost vs performance when choosing the right platforms and have created this blog to highlight some of the differences.

I’ve just started a new role as Cloud Architect for 1&1 IONOS Enterprise cloud and one of the main factors in coming here was the technology and some of the claims that it makes especially with performance and simplicity. This blog will highlight those performance claims and also the cost benefit that choosing the right cloud provider will be for you.

For these tests I’ve kept it simple, I’m using small instances that will host microservices so cost is one variable but performance is another, I will be creating an instance with 1 vCPU and 2Gb RAM, this system will be a base line for testing and I will use Novabench (novabench.co.uk) for some basic CPU and RAM performance modelling. There are so many tools out there but I find this one real quick and simple to test against some key attributes I will also be using the same tool for the instances so not unbiased results too.

So on with the comparison and next up is GCP for this I’ve selected a custom VM size as this is as near as consistent with other instances on the clouds I have been testing, The CPU used is an Intel Xeon 2.3Ghz and the price for this including windows server licensing and support costs comes out at £50.64 per month


GCP Pricing calculator for Custom VM

For IONOS Enterprise Cloud I’ve also selected a similar spec as GCP which is a 1 CPU and 2Gb RAM and have used the Intel Haswell E5-2660v3 based chip for the OS as this will be as close to the custom VM in GCP, Like GCP I’ve also included the Windows Server license cost in the subscription along with 24/7 support which is actually free. The monthly cost for this server is £59.18 so comparing costs of using IONOS Enterprise Cloud there is a slight benefit of using GCP as you would save £102.48 over the year, so looks like GCP has a cost edge over IONOS, so what about the performance.


IONOS Enterprise Cloud Pricing for GCP 1 CPU 2Gb RAM equivalent

First I wanted to see how the external and internal internet connectivity was performing, to no big surprise IONOS way out performed Azure by a factor of 2, which is to be expected given the infrastructure back end design running on InfiniBand and the datacentre interconnects. The download speed was comparable for Google which you would expect from the internet giant.

GCP Speedtest performance rating

IONOS Enterprise Cloud Speedtest performance rating

Next the focus turned to CPU, RAM and disk performance for this I ran the Novabench performance utility and performed tests on both servers, the tests did throw up some major differences between the two. Let’s take a look at GCP first

GCP custom 1 vCPU & 2GB Ram VM Novabench Results

The GCP results were interesting to a point that twice as much resources are to be required to get to the same level of the IONOS instance.The GCP instance had a more or less half that of a score for its CPU, RAM and Disk benchmark compared to IONOS but it must be noted that the GCP resources are shared resources instances being hosted on GCP, the RAM score was also at a much lower throughput with a difference of 11964 MB/s, but what was noticeable was that the disk read and write performance was half that of IONOS. the write speed was not what would be expected from SSD storage.

The IONOS Enterprise cloud exhibited near twice the values from the results to GCP.

IONOS Instance Novabench result

Conclusion

Due to the dedicated resources that are used by IONOS Enterprise Cloud it becomes apparent that other Public Cloud vendors have to double (GCP & AWS) or even quadruple (Azure) their resource configurations to be comparable in performance to IONOS. Comparing GCP to IONOS to catch up to a similar performance of that of IONOS Enterprise Cloud the GCP instance would need to be reconfigured to a custom VM with 2 vCPUs and 4Gb RAM size this is 2 times the resources of the IONOS Instance which would increase the monthly cost to £94.57 which would equate to £1134.84 for the year of which you would have to pay an extra £423.96 per year for an equal performance instance of that of the IONOS instance.

GCP custom 2 vCPU& 4GB Ram VM Novabench Results

Can you really justify that type of expense of spending an additional £400 per year for just one system for the same performance? IONOS Enterprise Cloud provides dedicated CPU and Memory and is surely the way to go.

Don’t just take my word for it, give it a go yourself, I’m sure you’ll be impressed with the results.

Get your free 30 day no obligation trial at https://www.ionos.co.uk/pro/enterprise-cloud/

Please follow and like us:

Nagios Core Upgrade on CentOS 7

We are going to upgrade Nagios Core from 4.1.1 to 4.4.2.

Backup Existing Nagios Configuration
Nagios and Apache services should be stopped:

systemctl stop nagios httpd

Make sure that we have a backup:

rsync -rav /usr/local/nagios/ /opt/nagios411backup/

Upgade and Configuration
Download Nagios Core release 4.3.4 and extract the archive:

wget https://assets.nagios.com/downloads/nagioscore/releases/nagios-4.4.2.tar.gz
tar xf ./nagios-4.4.2.tar.gz && cd ./nagios-4.4.2

Configure and compile:

./configure --with-command-group=nagcmd
make all

Install the main program, CGIs, HTML files, sample config files etc:

make install
make install-init
make install-commandmode
make install-config
make install-webconf
make install-webconfig

Restore the configuration file nagios.cfg from the backup:

cp -f /opt/nagios411backup/etc/nagios.cfg /usr/local/nagios/etc/

Restore the password file htpasswd.users if required:

cp -f /opt/nagios411backup/etc/htpasswd.users /usr/local/nagios/etc/

Restore objects:

rsync -rav /opt/nagios411backup/etc/objects/ /usr/local/nagios/etc/objects/

In our case we also want to restore all custom monitoring configuration files:


rsync -rav /opt/nagios411backup/etc/monitoring/ /usr/local/nagios/etc/monitoring/

These are deprecated and will be removed in future versions, might as well change them now:

sed -i 's/normal_check_interval/check_interval/g' /usr/local/nagios/etc/objects/templates.cfg
sed -i 's/normal_check_interval/check_interval/g' /usr/local/nagios/etc/objects/printer.cfg
sed -i 's/normal_check_interval/check_interval/g' /usr/local/nagios/etc/objects/switch.cfg
sed -i 's/retry_check_interval/retry_interval/g' /usr/local/nagios/etc/objects/templates.cfg
sed -i 's/retry_check_interval/retry_interval/g' /usr/local/nagios/etc/objects/printer.cfg
sed -i 's/retry_check_interval/retry_interval/g' /usr/local/nagios/etc/objects/switch.cfg
sed -i 's/^command_check_interval/#command_check_intervald/g' /usr/local/nagios/etc/nagios.cfg

We use Nagiosgraph, therefore we need this to continue processing data (the config file which we restored from the backup does contain the line already, therefore it’s mainly for future references).

sed -i 's/process_performance_data=0/process_performance_data=1/g' /usr/local/nagios/etc/nagios.cfg

Reload and restart the services:

systemctl daemon-reload
systemctl restart nagios
systemctl restart httpd

Verify:

/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

Nagios Core 4.4.2
Copyright (c) 2009-present Nagios Core Development Team and Community Contributors
Copyright (c) 1999-2009 Ethan Galstad
Last Modified: 2017-08-24
License: GPL

Website: https://www.nagios.org
Reading configuration data…
Read main config file okay…
Read object config files okay…

Running pre-flight check on configuration data…

Checking objects…
Checked 1671 services.
Checked 190 hosts.
Checked 44 host groups.
Checked 47 service groups.
Checked 5 contacts.
Checked 6 contact groups.
Checked 126 commands.
Checked 7 time periods.
Checked 0 host escalations.
Checked 0 service escalations.
Checking for circular paths…
Checked 190 hosts
Checked 0 service dependencies
Checked 0 host dependencies
Checked 7 timeperiods
Checking global event handlers…
Checking obsessive compulsive processor commands…
Checking misc settings…

Total Warnings: 0
Total Errors: 0

Things look okay – No serious problems were detected during the pre-flight check
If there are any configuration mismatches between the old and the new Nagios versions that affect your set up, then change them accordingly.

Please follow and like us:

How To Install Nagios 4 and Monitor Your Servers on CentOS 7

Introduction

In this tutorial, we will cover the installation of Nagios 4, a very popular open source monitoring system, on CentOS 7 or RHEL 7. We will cover some basic configuration, so you will be able to monitor host resources via the web interface. We will also utilize the Nagios Remote Plugin Executor (NRPE), that will be installed as an agent on remote hosts, to monitor their local resources.

Nagios is useful for keeping an inventory of your servers, and making sure your critical services are up and running. Using a monitoring system, like Nagios, is an essential tool for any production server environment.

Prerequisites

To follow this tutorial, you must have superuser privileges on the CentOS 7 server that will run Nagios. Ideally, you will be using a non-root user with superuser privileges.

A LAMP stack is also required. Follow this tutorial if you need to set that up: How To Install LAMP stack On CentOS 7.

This tutorial assumes that your server has private networking enabled. If it doesn’t, just replace all the references to private IP addresses with public IP addresses.

Now that we have the prerequisites sorted out, let’s move on to getting Nagios 4 installed.

Install Nagios 4

This section will cover how to install Nagios 4 on your monitoring server. You only need to complete this section once.

Install Build Dependencies

Because we are building Nagios Core from source, we must install a few development libraries that will allow us to complete the build.

First, install the required packages:

sudo yum install gcc glibc glibc-common gd gd-devel make net-snmp openssl-devel xinetd unzip

Create Nagios User and Group

We must create a user and group that will run the Nagios process. Create a “nagios” user and “nagcmd” group, then add the user to the group with these commands:

sudo useradd nagios
sudo groupadd nagcmd
sudo usermod -a -G nagcmd nagios

Let’s install Nagios now.

Install Nagios Core

Download the source code for the latest stable release of Nagios Core. Go to the Nagios downloads page, and click the Skip to download link below the form. Copy the link address for the latest stable release so you can download it to your Nagios server.

At the time of this writing, the latest stable release is Nagios 4.1.1. Download it to your home directory with curl:

cd ~
curl -L -O https://assets.nagios.com/downloads/nagioscore/releases/nagios-4.1.1.tar.gz

Extract the Nagios archive with this command:

tar xvf nagios-*.tar.gz

Then change to the extracted directory:

cd nagios-*

Before building Nagios, we must configure it with this command:

./configure --with-command-group=nagcmd 

Now compile Nagios with this command:

make all

Now we can run these make commands to install Nagios, init scripts, and sample configuration files:

sudo make install
sudo make install-commandmode
sudo make install-init
sudo make install-config
sudo make install-webconf

In order to issue external commands via the web interface to Nagios, we must add the web server user, apache, to the nagcmd group:

sudo usermod -G nagcmd apache

Install Nagios Plugins

Find the latest release of Nagios Plugins here: Nagios Plugins Download. Copy the link address for the latest version, and copy the link address so you can download it to your Nagios server.

At the time of this writing, the latest version is Nagios Plugins 2.1.1. Download it to your home directory with curl:

cd ~
curl -L -O http://nagios-plugins.org/download/nagios-plugins-2.1.1.tar.gz

Extract Nagios Plugins archive with this command:

tar xvf nagios-plugins-*.tar.gz

Then change to the extracted directory:

cd nagios-plugins-*

Before building Nagios Plugins, we must configure it. Use this command:

./configure --with-nagios-user=nagios --with-nagios-group=nagios --with-openssl

Now compile Nagios Plugins with this command:

make

Then install it with this command:

sudo make install

Install NRPE

Find the source code for the latest stable release of NRPE at the NRPE downloads page. Download the latest version to your Nagios server.

At the time of this writing, the latest release is 2.15. Download it to your home directory with curl:

cd ~
curl -L -O http://downloads.sourceforge.net/project/nagios/nrpe-2.x/nrpe-2.15/nrpe-2.15.tar.gz

Extract the NRPE archive with this command:

tar xvf nrpe-*.tar.gz

Then change to the extracted directory:

cd nrpe-*

Configure NRPE with these commands:

./configure --enable-command-args --with-nagios-user=nagios --with-nagios-group=nagios --with-ssl=/usr/bin/openssl --with-ssl-lib=/usr/lib/x86_64-linux-gnu

Now build and install NRPE and its xinetd startup script with these commands:

make all
sudo make install
sudo make install-xinetd
sudo make install-daemon-config

Open the xinetd startup script in an editor:

sudo vi /etc/xinetd.d/nrpe

Modify the only_from line by adding the private IP address of the your Nagios server to the end (substitute in the actual IP address of your server):

only_from = 127.0.0.1 10.132.224.168

Save and exit. Only the Nagios server will be allowed to communicate with NRPE.

Restart the xinetd service to start NRPE:

sudo service xinetd restart

Now that Nagios 4 is installed, we need to configure it.

Configure Nagios

Now let’s perform the initial Nagios configuration. You only need to perform this section once, on your Nagios server.

Organize Nagios Configuration

Open the main Nagios configuration file in your favorite text editor. We’ll use vi to edit the file:

sudo vi /usr/local/nagios/etc/nagios.cfg

Now find an uncomment this line by deleting the #:

#cfg_dir=/usr/local/nagios/etc/servers

Save and exit.

Now create the directory that will store the configuration file for each server that you will monitor:

sudo mkdir /usr/local/nagios/etc/servers

Configure Nagios Contacts

Open the Nagios contacts configuration in your favorite text editor. We’ll use vi to edit the file:

sudo vi /usr/local/nagios/etc/objects/contacts.cfg

Find the email directive, and replace its value (the highlighted part) with your own email address:

email                           [email protected]        ; <<***** CHANGE THIS TO YOUR EMAIL ADDRESS ******

Save and exit.

Configure check_nrpe Command

Let's add a new command to our Nagios configuration:

sudo vi /usr/local/nagios/etc/objects/commands.cfg

Add the following to the end of the file:

define command{
        command_name check_nrpe
        command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$
}

Save and exit. This allows you to use the check_nrpe command in your Nagios service definitions.

Configure Apache

Use htpasswd to create an admin user, called "nagiosadmin", that can access the Nagios web interface:

sudo htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin

Enter a password at the prompt. Remember this login, as you will need it to access the Nagios web interface.

Note: If you create a user that is not named "nagiosadmin", you will need to edit /usr/local/nagios/etc/cgi.cfg and change all the "nagiosadmin" references to the user you created.

Nagios is ready to be started. Let's do that, and restart Apache:

sudo systemctl daemon-reload
sudo systemctl start nagios.service
sudo systemctl restart httpd.service

To enable Nagios to start on server boot, run this command:

sudo chkconfig nagios on

Optional: Restrict Access by IP Address

If you want to restrict the IP addresses that can access the Nagios web interface, you will want to edit the Apache configuration file:

sudo vi /etc/httpd/conf.d/nagios.conf

Find and comment the following two lines by adding # symbols in front of them:

Order allow,deny
Allow from all

Then uncomment the following lines, by deleting the # symbols, and add the IP addresses or ranges (space delimited) that you want to allow to in the Allow from line:

#  Order deny,allow
# Deny from all
# Allow from 127.0.0.1

As these lines will appear twice in the configuration file, so you will need to perform these steps once more.

Save and exit.

Now start Nagios and restart Apache to put the change into effect:

sudo systemctl restart nagios.service
sudo systemctl restart httpd.service

Nagios is now running, so let's try and log in.

Accessing the Nagios Web Interface

Open your favorite web browser, and go to your Nagios server (substitute the IP address or hostname for the highlighted part):

http://nagios_server_public_ip/nagios

Because we configured Apache to use htpasswd, you must enter the login credentials that you created earlier. We used "nagiosadmin" as the username:

htaccess Authentication Prompt

After authenticating, you will be see the default Nagios home page. Click on the Hosts link, in the left navigation bar, to see which hosts Nagios is monitoring:

Nagios Hosts Page

As you can see, Nagios is monitoring only "localhost", or itself.

Let's monitor another host with Nagios!

Monitor a CentOS 7 Host with NRPE

In this section, we'll show you how to add a new host to Nagios, so it will be monitored. Repeat this section for each CentOS or RHEL server you wish to monitor.

Note: If you want to monitor an Ubuntu or Debian server, follow the instructions in this link: Monitor an Ubuntu Host with NRPE.

On a server that you want to monitor, install the EPEL repository:

sudo yum install epel-release

Now install Nagios Plugins and NRPE:

Now, let's update the NRPE configuration file. Open it in your favorite editor (we're using vi):

sudo yum install nrpe nagios-plugins-all
sudo vi /etc/nagios/nrpe.cfg

Find the allowed_hosts directive, and add the private IP address of your Nagios server to the comma-delimited list (substitute it in place of the highlighted example):

allowed_hosts=127.0.0.1,10.132.224.168

Save and exit. This configures NRPE to accept requests from your Nagios server, via its private IP address.

Restart NRPE to put the change into effect:

sudo systemctl start nrpe.service
sudo systemctl enable nrpe.service

Once you are done installing and configuring NRPE on the hosts that you want to monitor, you will have to add these hosts to your Nagios server configuration before it will start monitoring them.

Add Host to Nagios Configuration

On your Nagios server, create a new configuration file for each of the remote hosts that you want to monitor in /usr/local/nagios/etc/servers/. Replace the highlighted word, "yourhost", with the name of your host:

sudo vi /usr/local/nagios/etc/servers/yourhost.cfg

Add in the following host definition, replacing the host_name value with your remote hostname ("web-1" in the example), the alias value with a description of the host, and the address value with the private IP address of the remote host:

define host {
        use                             linux-server
        host_name                       yourhost
        alias                           My first Apache server
        address                         10.132.234.52
        max_check_attempts              5
        check_period                    24x7
        notification_interval           30
        notification_period             24x7
}

With the configuration file above, Nagios will only monitor if the host is up or down. If this is sufficient for you, save and exit then restart Nagios. If you want to monitor particular services, read on.

Add any of these service blocks for services you want to monitor. Note that the value of check_command determines what will be monitored, including status threshold values. Here are some examples that you can add to your host's configuration file:

Ping:

define service {
        use                             generic-service
        host_name                       yourhost
        service_description             PING
        check_command                   check_ping!100.0,20%!500.0,60%
}

SSH (notifications_enabled set to 0 disables notifications for a service):

define service {
        use                             generic-service
        host_name                       yourhost
        service_description             SSH
        check_command                   check_ssh
        notifications_enabled           0
}

If you're not sure what use generic-service means, it is simply inheriting the values of a service template called "generic-service" that is defined by default.

Now save and quit. Reload your Nagios configuration to put any changes into effect:

sudo systemctl reload nagios.service

Once you are done configuring Nagios to monitor all of your remote hosts, you should be set. Be sure to access your Nagios web interface, and check out the Services page to see all of your monitored hosts and services:

Nagios Services Page

Conclusion

Now that you monitoring your hosts and some of their services, you might want to spend some time to figure out which services are critical to you, so you can start monitoring those. You may also want to set up notifications so, for example, you receive an email when your disk utilization reaches a warning or critical threshold or your main website is down, so you can resolve the situation promptly or before a problem even occurs.

Please follow and like us:

Configure LAMP on Centos 7

Installing LAMP

To configure your Centos server with LAMP (Linux, Apache, MySQL and PHP) and other required packages on your server.

You can install all the necessary packages with the following command:

sudo yum install httpd mariadb mariadb-server php php-common php-mysql php-gd php-xml php-mbstring php-mcrypt php-xmlrpc unzip wget -y

Once installation is complete, start the Apache and MariaDB services and enable them to start at boot with the following commands:

sudo systemctl start httpd
sudo systemctl start mariadb
sudo systemctl enable httpd
sudo systemctl enable mariadb

Configuring MariaDB for your application

By default MariaDB is not secured, so you will need to secure it first. You can do this by running mysql_secure_installation script:

sudo mysql_secure_installation

Answer all the questions as shown below:

Set root password? [Y/n] n
Remove anonymous users? [Y/n] y
Disallow root login remotely? [Y/n] y
Remove test database and access to it? [Y/n] y
Reload privilege tables now? [Y/n] y

Your Centos host is now ready for your application and is configured as a LAMP server

Please follow and like us:

Comparing Public Cloud Performance – Part Two – AWS

In the first series on this post I looked at Azure VMs and provided a comparison with IONOS Enterprise Cloud, this next part will focus on AWS.
As a bit of background in case you haven’t read the first part yet, I’ve been working with the major cloud vendors for some years now and for me performance has always been a key factor when choosing the right platform, I’ve always struggled in finding the right balance of cost vs configuration when choosing the right platforms and have created this blog to highlight some of the differences.
I’ve just started a new role as Cloud Architect for 1&1 IONOS Enterprise cloud and one of the main factors in coming here was the technology and some of the claims that it makes especially with performance and simplicity. This blog will highlight those performance claims and also the cost benefit that choosing the right cloud provider will be for you.
For these test I’ve kept it simple, I’m using a small instances that will host microservices so cost is one variable but performance is another, I will be creating an instance with 1 vCPU and 2Gb RAM this system will be a base line for testing and I will use Novabench (novabench.co.uk) for some basic CPU and RAM performance modelling. There are so many tools out there and I find this one real quick and simple to test again some key attributes also using the same tool for the instances will show unbiased results too.
So on with the comparison and next up is AWS, as AWS doesn’t have a 1 CPU and 2GB RAM flavour to choose from I’ve selected the M4_large size as this is as near as consistent with other instances on the clouds I have been testing all be it double that of the IONOS Enterprise Cloud size, the CPU used is an Intel Haswell E5-2660 and the price for this including windows server licensing and support costs comes out at $140.55 per month which equates to £109.22 as calculated by Google currency converter at the time of writing.

2018-11-22_11-27-12AWS Pricing calculator for M4 Large

For IONOS Enterprise Cloud I’ve also selected a slightly reduced spec to AWS and have used the Intel Haswell E5-2660v3 based chip for the OS as this going by my testing should  be very close to the M4 Large instance in AWS, as with AWS I’ve also included the Windows Server license cost in the subscription along with 24/7 support which is actually free. The monthly cost for this server is £50.96 so comparing costs of using IONOS Enterprise Cloud there would be a saving of £699.12 over the year, a saving is a saving so on paper the costs look good so far.

2018-11-20_14-00-37IONOS Enterprise Cloud Pricing

Now what about performance tests between the two?  First I wanted to see how the external and internal internet connectivity was performing, to no big surprise IONOS way out performed AWS by a factor of 2, which is to be expected given the infrastructure backend design running on InfiniBand and the datacentre interconnects.

2018-11-22_10-10-15AWS Speedtest performance rating

2018-11-22_10-40-14IONOS Enterprise Cloud Speedtest performance rating

Next the focus turned to CPU, RAM and disk performance for this I ran the Novabench performance utility and performed tests on both servers, the tests did throw up some major differences between the two. Let’s take a look at AWS first

2018-11-22_10-17-07AWS M4 Large Instance Novabench Results

The AWS results were interesting to a point that twice as much resources were required to get to the same level of the IONOS instance. The AWS instance had a more or less equal score for its CPU, RAM and Disk benchmark but it must be noted that the AWS resources are shared resources instances being hosted on AWS, the RAM score was also at a lower throughput with a difference of  5733 MB/s, but what was noticeable was that the disk read and write performance was half that of IONOS.
The IONOS Enterprise cloud exhibited similar results to AWS but consumed half the resources.

2018-11-20_12-37-19IONOS Instance Novabench result

Conclusion
Due to the dedicated resources that are used by IONOS Enterprise Cloud it becomes apparent that other Public Cloud vendors have to double (AWS & Google) or even quadruple (Azure) their resource configurations to be comparable in performance to IONOS. When comparing AWS to IONOS to get to similar performance of that of IONOS Enterprise Cloud the AWS instance would need to be reconfigured by a factor of 2 which would increase the monthly cost to $140.55 or £109.22 which would equate to £1310.64 for the year of which £700.12 would be for the cost of an equal performance instance of that of the IONOS instance, don’t forget this is for a single system so once you’re deploying 100s or 1000s of instances that soon racks up.
Can you really justify that type of expense of spending an additional £700 per year for one system for the same performance? IONOS Enterprise Cloud provides dedicated CPU and Memory and is surely the way to go.
Get your free 30 day no obligation trial at https://www.ionos.co.uk/pro/enterprise-cloud/

Please follow and like us:

Comparing Public Cloud Performance – Part One – Microsoft Azure

I’ve been working with the major cloud vendors for some years now and for me performance has always been a key factor when choosing the right platform for Infrastructure-as-a-Service, I’ve always struggled in finding the right balance of cost vs configuration when choosing the right platforms and have created this 3 part blog to highlight some of the differences I’ve seen between Azure, AWS and Google Cloud.
I’ve just started a new role as Cloud Architect for 1&1 IONOS, working in the Enterprise Cloud division, and one of the main factors in coming here was the technology stack and the surrounding network settings and some of the claims that it makes especially with performance and simplicity. This blog will highlight those performance claims and also the cost-benefit that choosing the right cloud provider will be for you.
For the tests I’ve kept it simple, I will be using small instances that will host eventually host microservices with Docker so cost will be one variable but performance is another, I will be creating an instance with 1 vCPU and 2Gb RAM, this system will be a baseline for testing, I will use Novabench (novabench.com) for some basic CPU and RAM performance modelling. There are so many tools out there but I find this one real quick and simple to test against some key attributes, I will also use the same tool for all the cloud vendors instances so this should show unbiased results too.
Let’s start by looking at Azure and for this I’ve selected the A1_v2 size as this consistent with other instances on the clouds I will be testing, The CPU used is an Intel Haswell E5-2673 v3 and the price for this including windows server licensing and support costs comes out at £62.20 per month

2018-11-20_13-59-06Azure Pricing calculator for A1_v2

For IONOS Enterprise Cloud I’ve also selected a similar spec and have used the Intel Haswell E5-2660 v3 based chip for the OS as this will be very close to the A1_v2 instance in Azure, Like Azure I’ve also included the Windows Server license cost in the subscription along with 24/7 support which is actually free. The monthly cost for this server is £50.96 so comparing costs of using IONOS Enterprise Cloud there would be a saving of £134.88 over the year, a saving is a saving, so on paper the costs look good so far.

2018-11-20_14-00-37IONOS Enterprise Cloud Pricing for A1_v2 equivalent

Now, what about performance tests between the two?  First I wanted to see how the external and internal internet connectivity was performing, so no big surprise, IONOS way outperformed Azure by a factor of 3, which is to be expected given the infrastructure back end design running on InfiniBand and the datacentre interconnects.

2018-11-22_10-07-47Azure Speedtest performance rating

2018-11-22_10-40-14IONOS Enterprise Cloud Speedtest performance rating

Next, the focus turned to CPU, RAM and disk performance for this I ran the Novabench performance utility and performed tests on both servers, the tests did throw up some major differences between the two. Let’s take a look at Azure first

2018-11-22_10-40-59Azure A1_v2 Instance Novabench Results

The Azure instance had a low score for its CPU benchmark which makes sense as the CPU is a shared resource with other instances being hosted on that Hyper-V cluster node within the Azure cloud, the RAM score was also low with a throughput of 3929 MB/s, but what was noticeable was that the disk read performance was good with a throughput of 163 MB/s but write speeds were a complete polar opposite.
The IONOS Enterprise cloud eclipsed the metrics of the Azure instance and really showed off the advantage of having dedicated CPU and memory resources for the instance

2018-11-20_12-37-19IONOS Instance Novabench result

The CPU performance was 385% that of the CPU in Azure and for Azure to achieve a similar score an additional 3 CPUs would have to be added to maintain the same CPU score. The RAM speed also was way beyond that of Azure and achieved 19318 MB/s a factor of 3 times faster, the disk read & write performance both outperformed Azure, it did maintain an equal throughput for both write and read speeds with writes outperforming by 18 times that of Azure. Just a note here that I used a standard HDD as the storage medium and could have used an SSD instead which would have increased the performance even more.
Finally, I configured another instance in IONOS Enterprise Cloud using an AMD Opteron 62xx 2.8Ghz processor to see it that could match the Intel-based Azure instance and for much of the benchmark scores it was comparable to the Azure instance, even better the cost of the instance was £31.52 a month giving a saving £368.16 over the year. It should be mentioned that IONOS Enterprise Clouds let you configure cores and storage at will in the most granular way possible: core by core and Gigabyte by Gigabyte.

2018-11-20_15-55-43IONOS AMD Instance Novabench result

Conclusion
For Azure to catch up to similar performance of that of IONOS Enterprise Cloud the Azure instance would need to be reconfigured to a A4_v2 size this is 4 times the resources of the IONOS Instance which would increase the monthly cost to £182.44 which would equate to £2210.64 for the year of which £1599.12 would be for the cost of an equal performance instance of that of the IONOS instance.

2018-11-22_10-12-03Azure A4_v2 Instance Novabench Results

Can you really justify that type of expense of spending an additional £1600 per year for the same performance? IONOS Enterprise Cloud employs KVM based virtualisation making extensive use of hardware virtualisation and maps the CPU power of a real core to a vCPU and provides dedicated memory so it is surely the way to go.
Get your free 30 day no obligation trial at https://www.ionos.co.uk/pro/enterprise-cloud/

Please follow and like us:

vSphere 6.7 Released

VMware is announcing vSphere 6.7, the latest release of the industry-leading virtualization and cloud platform. vSphere 6.7 is the efficient and secure platform for hybrid clouds, fueling digital transformation by delivering simple and efficient management at scale, comprehensive built-in security, a universal application platform, and seamless hybrid cloud experience.
vSphere 6.7 delivers key capabilities to enable IT organizations address the following notable trends that are putting new demands on their IT infrastructure:

  • Explosive growth in quantity and variety of applications, from business-critical apps to new intelligent workloads.
  • The rapid growth of hybrid cloud environments and use cases.
  • On-premises data centers growing and expanding globally, including at the Edge.
  • Security of infrastructure and applications attaining paramount importance.

 
Let’s take a look at some of the key capabilities in vSphere 6.7:

 

Simple and Efficient Management, at Scale

vSphere 6.7 builds on the technological innovation delivered by vSphere 6.5, and elevates the customer experience to an entirely new level. It provides exceptional management simplicity, operational efficiency, and faster time to market, all at scale.
vSphere 6.7 delivers an exceptional experience for the user with an enhancedvCenter Server Appliance (vCSA). It introduces several new APIs that improve the efficiency and experience to deploy vCenter, to deploy multiple vCenters based on a template, to make management of vCenter Server Appliance significantly easier, as well as for backup and restore. It also significantly simplifies the vCenter Server topology through vCenter with embedded platform services controller in enhanced linked mode, enabling customers to link multiple vCenters and have seamless visibility across the environment without the need for an external platform services controller or load balancers.
Moreover, with vSphere 6.7 vCSA delivers phenomenal performance improvements (all metrics compared at cluster scale limits, versus vSphere 6.5):

  • 2X faster performance in vCenter operations per second
  • 3X reduction in memory usage
  • 3X faster DRS-related operations (e.g. power-on virtual machine)

These performance improvements ensure a blazing fast experience for vSphere users, and deliver significant value, as well as time and cost savings in a variety of use cases, such as VDI, Scale-out apps, Big Data, HPC, DevOps, distributed cloud native apps, etc.
vSphere 6.7 improves efficiency at scale when updating ESXi hosts, significantly reducing maintenance time by eliminating one of two reboots normally required for major version upgrades (Single Reboot). In addition to that, vSphere Quick Boot is a new innovation that restarts the ESXi hypervisor without rebooting the physical host, skipping time-consuming hardware initialization.
Another key component that allows vSphere 6.7 to deliver a simplified and efficient experience is the graphical user interface itself. The HTML5-based vSphere Client provides a modern user interface experience that is both responsive and easy to use. With vSphere 6.7, it includes added functionality to support not only the typical workflows customers need but also other key functionality like managing NSX, vSAN, VUM as well as third-party components.
 

Comprehensive Built-In Security

vSphere 6.7 builds on the security capabilities in vSphere 6.5 and leverages its unique position as the hypervisor to offer comprehensive security that starts at the core, via an operationally simple policy-driven model.
vSphere 6.7 adds support for Trusted Platform Module (TPM) 2.0 hardware devices and also introduces Virtual TPM 2.0, significantly enhancing protection and assuring integrity for both the hypervisor and the guest operating system. This capability helps prevent VMs and hosts from being tampered with, prevents the loading of unauthorized components and enables guest operating system security features security teams are asking for.
Data encryption was introduced with vSphere 6.5 and very well received.  With vSphere 6.7, VM Encryption is further enhanced and more operationally simple to manage.  vSphere 6.7 simplifies workflows for VM Encryption, designed to protect data at rest and in motion, making it as easy as a right-click while also increasing the security posture of encrypting the VM and giving the user a greater degree of control to protect against unauthorized data access.
vSphere 6.7 also enhances protection for data in motion by enabling encrypted vMotion across different vCenter instances as well as versions, making it easy to securely conduct data center migrations, move data across a hybrid cloud environment (between on-premises and public cloud), or across geographically distributed data centers.
vSphere 6.7 introduces support for the entire range of Microsoft’s Virtualization Based Security technologies. This is a result of close collaboration between VMware and Microsoft to ensure Windows VMs on vSphere support in-guest security features while continuing to run performant and secure on the vSphere platform.
vSphere 6.7 delivers comprehensive built-in security and is the heart of a secure SDDC. It has deep integration and works seamlessly with other VMware products such as vSAN, NSX and vRealize Suite to provide a complete security model for the data center.
 

Universal Application Platform

vSphere 6.7 is a universal application platform that supports new workloads (including 3D Graphics, Big Data, HPC, Machine Learning, In-Memory, and Cloud-Native) as well as existing mission critical applications. It also supports and leverages some of the latest hardware innovations in the industry, delivering exceptional performance for a variety of workloads.
vSphere 6.7 further enhances the support and capabilities introduced for GPUs through VMware’s collaboration with Nvidia, by virtualizing Nvidia GPUs even for non-VDI and non-general-purpose-computing use cases such as artificial intelligence, machine learning, big data and more. With enhancements to Nvidia GRID™ vGPU technology in vSphere 6.7, instead of having to power off workloads running on GPUs, customers can simply suspend and resume those VMs, allowing for better lifecycle management of the underlying host and significantly reducing disruption for end-users. VMware continues to invest in this area, with the goal of bringing the full vSphere experience to GPUs in future releases.
vSphere 6.7 continues to showcase VMware’s technological leadership and fruitful collaboration with our key partners by adding support for a key industry innovation poised to have a dramatic impact on the landscape, which is persistent memory. With vSphere Persistent Memory, customers using supported hardware modules, such as those available from Dell-EMC and HPE, can leverage them either as super-fast storage with high IOPS, or expose them to the guest operating system as non-volatile memory. This will significantly enhance performance of the OS as well as applications across a variety of use cases, making existing applications faster and more performant and enabling customers to create new high-performance applications that can leverage vSphere Persistent Memory.
 

Seamless Hybrid Cloud Experience

With the fast adoption of vSphere-based public clouds through VMware Cloud Provider Program partners, VMware Cloud on AWS, as well as other public cloud providers, VMware is committed to delivering a seamless hybrid cloud experience for customers.
vSphere 6.7 introduces vCenter Server Hybrid Linked Mode, which makes it easy and simple for customers to have unified visibility and manageability across an on-premises vSphere environment running on one version and a vSphere-based public cloud environment, such as VMware Cloud on AWS, running on a different version of vSphere. This ensures that the fast pace of innovation and introduction of new capabilities in vSphere-based public clouds does not force the customer to constantly update and upgrade their on-premises vSphere environment.
vSphere 6.7 also introduces Cross-Cloud Cold and Hot Migration, further enhancing the ease of management across and enabling a seamless and non-disruptive hybrid cloud experience for customers.
As virtual machines migrate between different data centers or from an on-premises data center to the cloud and back, they likely move across different CPU types. vSphere 6.7 delivers a new capability that is key for the hybrid cloud, called Per-VM EVC. Per-VM EVC enables the EVC (Enhanced vMotion Compatibility) mode to become an attribute of the VM rather than the specific processor generation it happens to be booted on in the cluster. This allows for seamless migration across different CPUs by persisting the EVC mode per-VM during migrations across clusters and during power cycles.
Previously, vSphere 6.0 introduced provisioning between vCenter instances. This is often called “cross-vCenter provisioning.” The use of two vCenter instances introduces the possibility that the instances are on different release versions. vSphere 6.7 enables customers to use different vCenter versions while allowing cross-vCenter, mixed-version provisioning operations (vMotion, Full Clone and cold migrate) to continue seamlessly. This is especially useful for customers leveraging VMware Cloud on AWS as part of their hybrid cloud.
 

Learn More

As the ideal, efficient, secure universal platform for hybrid cloud, supporting new and existing applications, serving the needs of IT and the business, vSphere 6.7 reinforces your investment in VMware. vSphere 6.7 is one of the core components of VMware’s SDDC and a fundamental building block of your cloud strategy. With vSphere 6.7, you can now run, manage, connect, and secure your applications in a common operating environment, across your hybrid cloud.
This article only touched upon the key highlights of this release, but there are many more new features. To learn more about vSphere 6.7, please see the following resources.

 
Note:
As part of any new vSphere release, VMware expects to make compatible versions of dependent products available within one quarter of general availability in most cases. At vSphere 6.7 general availability, compatible versions of VMware Horizon, VMware NSX, VMware Integrated OpenStack and VMware vSphere Integrated Containers will not be availableExisting Horizon, NSX, VIC and VIO customers are advised not to upgrade to vSphere 6.7 until compatible versions become available. For additional information on Horizon, NSX, VIC and VIO compatibility, please contact your VMware account team or reseller partner.
 

Please follow and like us: