Installing MariaDB on Ubuntu

Installing MariaDB on Ubuntu

Category : How-to

Get Social!

mariadb-logoMariaDB is termed a drop in replacement for MySQL – that means that you can deploy MariaDB without changing all of your client applications as MariaDB is compatible with most MySQL features and commands.

MariaDB was forked from MySQL when Oracle took over Sun Microsystems in 2010 and was born of the fear that Oracle would not adhere to the development ethos that was used by Sun. I discuss this in more detail in my blog post on MySQL alternative. There are a few gotchas with the new versioning system used by MariaDB and I’d recommend reading the blog post to familiarise yourself.

MariaDB has not yet made it into Ubuntu’s main repositories but is available as an add-in repository from MariaDB directly.

Installing MariaDB on Ubuntu couldn’t be easier – follow one of the below instructions for your version of Ubuntu.

Install MariaDB 10 on Ubuntu 14.04

Use the below commands to add the MariaDB repository to your Ubuntu 14.04 installation.

Run the following commands to install MariaDB.

Install MariaDB 10 on Ubuntu 12.04

Use the below commands to add the MariaDB repository to your Ubuntu 14.04 installation.

Run the following commands to install MariaDB.

Install a different version of MariaDB or a use a different target operating system

MariaDB supports all common Linux distributions and they maintain a repository for each. You can see the full list of distro repositories on their repository configuration tool.


Installing Docker on Ubuntu 14.04

Get Social!

docker-logoDocker is an up and coming virtualisation technology utilising Linux Containers (LXC) to provide a private and consistent working environment across all Docker installations. Docker aims to create portable templates which can be created and distributed to run on any Docker enabled host.

Docker works on a similar premise to OpenVZ and is therefore limited by the same constraints, such as only Linux guests can be created in Docker as each guest shares the hosts kernel. Installing Docker on Ubuntu couldn’t be easier since version 14.04 of Ubuntu saw the Docker packages available through the standard Ubuntu repositories.

Install Docker using the apt-get command:

Check that the docker daemon has been started with the status argument, or start it with the start argument:

Create a symlink to the Docker executable so that the Docker documentation commands can be executed without changing the path. This is required because the Ubuntu package for Docker is installed to a different directory to the default Docker recommendation.

And that’s all there is to it! You now have a working Docker environment. See my next blog post for Creating your first Docker container.

Quick Poll

Are you using Docker.io?

Install the Splunk Forwarder on Ubuntu

Get Social!

splunkThe Splunk Universal Forwarder is a small, light weight daemon which forwards data to your main Splunk server from a variety of sources.

This guide assumes that you have already installed the Splunk server to receive the data.

Download the Splunk Universal Forwarder .deb file from the Splunk website:

Upload the file to your Ubuntu server and place it a temporary directory.

Run the dpkg command to install the Splunk server.  The file name of the .deb file may change as new versions are made available so make sure that you have downloaded.

The output will look like the below. Once you see complete, the Splunk Forwarder installation will be complete.

Next we need to create the init.d script so that we can easily start and stop Splunk. Change the the Splunk directory and run the splunk executable with the below arguments.

Press SPACE to view all of the license agreement and then Y to accept it.

You can now start the forwarder daemon using the init.d script.

See reading log files with the Splunk Forwarder to read your first log file and send the data to the Splunk server.


Create a Ubuntu 14.04 OpenVZ Template for Proxmox

Get Social!

proxmox logo gradThe latest Ubuntu long term support is now available, called Ubuntu 14.04.

There isn’t currently a template available over on OpenVZ however I’m sure that will be shortly rectified. In the meantime, however, you can use the below steps to create a 14.04 Ubuntu template for OpenVZ/ Proxmox. This template has only been lightly tested so please report any errors as you find them.

This template is BETA, please report any problems in the comments.

Vistit Downloads Page

 

You can download a pre-created VM from here directly, or you can create your own using the below notes.

 

Before continuing, this guide assumes that you already have an installation of Ubuntu up and running which you can SSH to. This could be either a KVM or physical machine.

We will use debootstrap to create the template so make sure it’s installed and install it if you haven’t already.

Use debootstrap to download and configure all the required packages to a temporary directory. For this example, we’ll use /tmp/deb.

Copy the below script into the tmp directory of the template root which has just been created. For this example you’ll need to copy the text into this path:

Make the script runnable which chmod.

Run the above script using the chroot command to set up the template.

The script will now run and set up the template using /tmp/deb/ as the templates root.

Once completed, create an archive of the template root device and install it on your OpenVZ/ Proxmox server.

Copy the /tmp/ubuntu-14.04-x86_64-initial1.tar.gz file to your cache directory of your Proxmox install and create your first Ubuntu 14.04 container!

proxmox-ubuntu-1404-template


Install Splunk on Ubuntu

Category : How-to

Get Social!

splunkSplunk is the heavyweight open source software which enables you to index, visualise and explore virtually any machine generated data. Splunk is often used to consume Apache and Nginx web server logs as well as website clicks and any other data which maintains a constant format.

Installing Splunk on any Debian based Linux distribution, such as Ubuntu, couldn’t be easier with the .deb package that available for download.

Visit the Splunk download page to download the Splunk .deb package:

Upload the file to your Ubuntu server and place it a temporary directory.

Run the dpkg command to install the Splunk server.  The file name of the .deb file may change as new versions are made available so make sure that you have downloaded.

The output of the command will look like the below example.

Next we need to create the init.d script so that we can easily start and stop Splunk. Change the the Splunk directory and run the splunk executable with the below arguments.

Press SPACE to view all of the license agreement and then Y to accept it.

Start Splunk with the service command.

You will now be able to access Splunk’s web GUI which is running on port 8000.

Open the URL in the browser and login with the below details:

  • User Name: admin
  • Password: changeme

splunk-dashboard-new


Set up Fail2ban for Proxmox Web GUI

Get Social!

fail2ban_logoFail2ban is an application that scans log files in real time and bans malicious IP addresses based on a set of rules and filters you can set.

For this blog post, we’re going to look at capturing invalid login attempts to the Proxmox Web GUI and ban any IP addresses from accessing the Web GUI if they fail to authenticate 3 times from the same IP address.

Fail2ban is made up of three main component parts:

  • Filter – a Filter is a pattern or regular expression that we wish to search for in the log files. In our case, we want to search for the words ‘authentication failure’ in the log because that’s what the pvedaemon writes when a failed login attempt occurs.
  • Action – an Action is what we’ll do if the filter is found. What we need to do is ban any IP address where the filter is triggered 3 times.
  • Jail – a Jail in Fail2ban is the glue that holds it all together – this ties a Filter, together with an Action and the relevant log file.

Install Fail2ban

Installing Fail2ban on Debian/ Proxmox is as easy as it gets – just use the apt package manager.

Fail2ban is mostly Python, so it’ll need to be installed on the system or apt-get  will install it as a dependency.

Note: by default Fail2ban will enable itself on SSH connections, blocking invalid IPs after 6 invalid attempts. 

Configure Fail2ban for the Proxmox Web GUI

There are several steps to setting up Fail2ban. As mentioned earlier in the post, we want to ban any users IP address from accessing the Proxmox Web GUI if they have failed to authenticate 3 times. We shouldn’t block them indefinitely because it may be a simple password issue that they can resolve with the account administrator. We’ll configure Fail2ban to ban failed attempts for an hour.

Because banning a user after 3 invalid attempts is a fairly basic thing in the world of Fail2ban, we won’t need to create an Action as listed above. We’ll need to create a Jail and a Filter.

The Jail

A Jail in Fail2ban is the core configuration that  combines a Filter, an Action (although this may be default Fail2ban behaviour) and a log file.

The default configuration for Fail2ban is found in /etc/fail2ban/jail.conf and contains many predefined entries for common processes such as FTP and Apache. We shouldn’t edit this file directly when adding new entries, instead, we should create the below file which will be used to override the default jail.conf.

Add the following (this file may not already exist):

The above entry has set a ruleset name of proxmox-web-gui, and the following:

  • enabled – this simply states that this ruleset is active.
  • port – set sthe port that any bans should act on
  • filter – this sets the file name of the filter that we’ll use to detect any login failures. More about this in the next section.
  • logpath – the name or pattern (for example /var/log/apache/*.log) of the log to monitor for the failed logins. This is the file that the above filter will work on.
  • maxretry – this is how many times should the filter detect a problem before starting the ban.
  • bantime – this is how long, in minutes, that the ban be in effect for.

The Filter

Now that we have specified the log file to look in we need to specify how to find the event we need to look for. For our example, Proxmox writes a specific string each time a failed login occurs which looks like the belew:

Our Filter, therefore, needs to look for this text and pull out the IP address.

Create a Filter file called proxmox-web-gui.conf in /etc/fail2ban/filter.d/.

Add the following:

This will match the text that Proxmox writes to the daemon.log file when a failed login is detected. It’s got a Fail2ban specific keyword <HOST> which is what’s used to indicate to Fail2ban where the offending IP address is in the log entry. Fail2ban can then block this IP address as indicated in our Jail file.

Testing Fail2ban Filters

Fail2ban provides a nice little utility to test your Filter definitions to make sure they are working as you intend. First things first – we need an entry in our log file for an invalid login attempt. Go to your Proxmox Web GUI and enter some invalid login credentials.

The command to use is fail2ban-regex which has two parameters; the log file location and the Filter location.

An example of the output is below. The text Success, the total number of match is 1 states that there is one match in the log for our pattern in the proxmox-web-gui.conf file.

Restart fail2ban for the new Jail to be loaded.

To check your new Jail has been loaded, run the following command and look for the proxmox-web-gui Jail name next to Jail List.

Try to log into the Proxmox Web GUI with an incorrect user 3 and see your IP address appear in the Currently banned section.

 


Visit our advertisers

Search

Quick Poll

What type of VPN protocol do you use?

Visit our advertisers