August 29

Using Google to relay mail

First I apologize for the brevity of this post. I hadn’t planned on doing a post but this turned into a lot of steps that are not put together in one place. These are more or less notes for me to jog my memory if I ever need to do this again. If I have to do this again, I will definitely do a more detailed post.

So I have been setting up a new monitoring solution (prometheus/alertmanager/grafana) and I wanted to relay alerts through Gmail. This wasn’t as straight forward a process as I had hoped.

I wanted to do things as securely as possible so I have it locked down to IP address and I created a "Service Account" email account for relaying mail. So there were a couple of gotchas.

First, you need to log into webmail and accept the End User License agreement. This hung me up for a spell.

Second, you need to enable 2 Factor authentication so you can create app passwords. Rightfully Google sees the SMTP agent as an unauthorized device if you attempt to use the same password you do to log into the web client.

Lastly I have been experiencing some TLS/SSL issues communicating with Postfix locally. For now AlertManager is connecting to the local Postfix without TLS. To relay mail to Google, Postfix connects securely though. This was acceptable for us at this time.

I also had to make modifications to the startup scripts for prometheus and alertmanager to make use of the NGINX reverse proxy so I can get authentication along with a Let’s Encrypt certificate that encrypts everything. This in turn required a change to prometheus for metrics collection and the Grafana data source so I could graph the collected metrics.

Again I apologize for the vagueness here, this is a basic guideline to help kick start things for me.

Links that where helpful:

https://productforums.google.com/forum/#!topic/apps/LFIrxblUozs
https://www.digitalocean.com/community/tutorials/how-to-use-alertmanager-and-blackbox-exporter-to-monitor-your-web-server-on-ubuntu-16-04
https://www.digitalocean.com/community/tutorials/how-to-use-alertmanager-and-blackbox-exporter-to-monitor-your-web-server-on-ubuntu-16-04
https://www.howtoforge.com/tutorial/configure-postfix-to-use-gmail-as-a-mail-relay/
https://github.com/prometheus/alertmanager/issues/430

July 16

Helios4

The Helios4 Open Source & Open Hardware Network Attached Storage (NAS) box is doing a second run. I was fortunate enough to get one of these during their first run and I have to say I am impressed. I fitted mine out with 4x 10TB drives and have since been dumping everything to it. It is very nice to know that I have a backup target where I know I will have enough space. If you are interested here is a link to get one of your own.

Helios4 – Full Kit 2GB ECC (2nd Batch Pre-Order)

May 23

Installing Spacewalk

So this was frustrating. Attempting to follow a couple of different “how to install spacewalk” yielded frustration.  I did find this post that was very good and worked, with a couple of caveats I found during my trials it get this installed. This is the post I followed.

http://www.catonrug.net/2016/07/install-spacewalk-25-on-centos-7.html

Caveats:

  1. Have the hostname set in /etc/sysconfig/network :  HOSTNAME=server.example.com  (doesn’t hurt to have this correct in /etc/hosts and /etc/hostname either). I overlooked this and it is a stupid mistake. Always set your hostname.
  2. This was the bigger one… c3p0 which provides JDBC DataSources/Resource Pools was upgraded and it’s path was moved. Downgrading to the previous version fixes things. Here is what I did:
    yum downgrade c3p0-0.9.1.2-2.jpp5.noarch

So I have this up and running now. I am continuing to follow the individuals guide on getting the software channels created and setup. I also need to go through my notes, I have some scripts I used in a previous life on SuSE Manager for cutting new channels. Hopefully they will get me in the right direction to managing this pig when it is working.

While continuing with this project I found the following site had some helpful information regarding Spacewalk channels and client installs:

http://www.catonrug.net/2016/01/create-centos-7-base-software-channel-spacewalk.html

Follow up sites:

How To Manage Spacewalk Channels And Repositories

Install And Register Spacewalk Client To The Spacewalk Server

This is becoming a stream of consciousness and I will need to work out a better way of doing this but another tidbit for password recovery (yes it already happened)

Try using command line tool

satwho
satpasswd <username>

Addition of the EPEL repo:

epel channel
Channel Name: centos-7-epel-x86_64
GPG key URL: http://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7
GPG key ID: 352C64E5
GPG key Fingerprint: 91E9 7D7C 4A5E 96F1 7F3E 888F 6A2F AEA2 352C 64E5

epel repo
Repository Label: centos-7-epel-x86_64
Repository URL: http://dl.fedoraproject.org/pub/epel/7/x86_64/

 

April 28

I felt I needed to post something

It has been a little while since I posted anything so a quick update. I have wrapped up coaching for my kids, I am 1 month into a new job, and spring is here so trying to get lots done outside. New job I think is going well (boss, if you read this and disagree come see me). One of the biggest reasons I took the new position is their use of AWS (Amazon Web Services). Now that being said, I have little experience with AWS so what’s a guy to do but go and learn it! I have used Udemy for learning new things which have been hit or miss in the past. Upon looking for AWS related items I stumbled across A Cloud Guru’s courses and so far, I haven’t been disappointed. I am actually really impressed. So far they have been very informative and easy to follow. It has enabled me to have better discussions with those I report to and it is beginning to give me insight into the power of AWS and how it can/will be able to solve some of the problems we are facing. To say I am excited to begin working on providing solutions and taking things to a new level is and understatement. I am anticipating taking the AWS Certified Solutions Architect Associate and then the SysOps Administrator Associate certifications but we will see how fast I get bogged down with issues. I am currently 15% completed on the Solutions Architect course work so I hope I can keep up my momentum.

March 16

Hello world!

First post! I am going to attempt to post and update this site on things I am working on, pitfalls encountered, and hopefully how to finish what I started. Not entirely sure what all will be going here to start with. At present it will be mostly computer related items, attempting to document installs or break-fix items so I can find it back. I have text documents spread out all over the place and well, it is time to get organized.

So, let’s see how this all goes…