BGP monitoring playground
Monitoring BGP can be done in various ways. First thing people want to know is if there is a way to get notifications in case a BGP peering session goes down. A pretty common way monitoring the BGP peering session state is using SNMP and the RFC1269 MIB. In OpenNMS Horizon we have the BGP session monitor which allows to track the state using the BGP peer table. The downside is, you need to configure for every peering session a monitor and this can be cumbersome and hard to maintain. Continue reading
OpenNMS Horizon, Docker, Traefik and Let's Encrypt
I work from home for over 6 years now and especially when you like networking, want to get stuff up and running and breaking it - you start looking around :) You’ve heard about k8s, k{0,3}s or Microk8s but you don’t want to use it to run your private blog and you find yourself in a spot where the benefits running stuff in containers justify the pain - this article might be something for you :) Continue reading
Quick manual Kafka OpenNMS stack
We have gathered a few ready-to-run Docker stacks in our public stack-play GitHub repository. But sometimes you need Kafka, Zookeeper and OpenNMS quickly on a baremetal deployment without Docker. Here a few quick notes how to get the bare minimum up and running. Zookeeper Install OpenJDK 11 JRE sudo apt install -y openjdk-11-jre Create a user for zookeeper sudo adduser --system --home /opt/zookeeper --disabled-login zookeeper Create a logs directory sudo mkdir /var/log/zookeeper sudo chown zookeeper:nogroup /var/log/zookeeper -R Install zookeeper Continue reading
Setting up a VMware Test environment
To test functions like importing OVA files in VMware ESXi and with vCenter the trial phase and a local deployment can be used. You need the following requirements: VMware Workstation on Windows or VMware Fusion on Mac OSX VMware Hypervisor ISO image to install the ESXi host system VMware vCenter ISO image for local deployment If you just want to learn how it works you can get a 60 days trial license registering an account on VMware. Continue readingIf you determine “human error” as the root cause, then you’re doing it wrong.
Jan Schaumann
VMware multipathd log spam
While I was deploying Loki with Promtail I’ve seen a lot of log spam from Ubuntu virtual machines in my VMware environment. As a note to myself and for some others who want cleaner system logs – here is what I’ve found to get rid of it. The log entries look like these here: 2021-04-07 20:14:21 opennms-bgp multipathd[693]: sda: failed to get sgio uid: No such file or directory 2021-04-07 20:14:21 opennms-bgp multipathd[693]: sda: failed to get sysfs uid: Invalid argument 2021-04-07 20:14:21 opennms-bgp multipathd[693]: sda: failed to get udev uid: Invalid argument 2021-04-07 20:14:21 opennms-bgp multipathd[693]: sda: add missing path The best article I’ve found was from SUSE describing the problems source. Continue reading
Installing Node Exporter on Linux
In OpenNMS Horizon 28+ is now a PrometheusCollector available. It scrapes the metrics from the provided exporter pages and allows to add data collections. As of speaking today it is not 100% feature complete, scraping data types like histograms is not implemented yet. If you want to play around here is a quick way to get the Linux Node_Exporter installed. The following steps are executed in a root shell with sudo -i. Continue reading
Hardening SSH for audit
Running a server in the public requires some additional work. Especially if you want management access via SSH for Ansible or if you want break stuff manually with fiddeling around :) You can run an SSH audit of your public server using https://www.sshaudit.com. This section here is a very condensed way to get an A rating. Just use strong host key for authentication of the host # file: /etc/ssh/sshd_config HostKey /etc/ssh/ssh_host_ed25519_key HostKey /etc/ssh/ssh_host_rsa_key Delete existing keys and re-generate the RSA and ED25519 keys Continue reading