Diffstat (limited to 'nms')
| -rw-r--r-- | nms/.bashrc | 16 | ||||
| -rw-r--r-- | nms/Dockerfile.in | 3 | ||||
| -rw-r--r-- | nms/README.md | 26 | ||||
| -rwxr-xr-x | nms/config.pm | 4 | ||||
| -rw-r--r-- | nms/nms-dump.sql | 190 | ||||
| -rw-r--r-- | nms/note | 1 | ||||
| -rw-r--r-- | nms/pg_hba.conf | 16 | ||||
| -rw-r--r-- | nms/postgresql.conf | 10 | 
8 files changed, 222 insertions, 44 deletions
diff --git a/nms/.bashrc b/nms/.bashrc new file mode 100644 index 0000000..06072e3 --- /dev/null +++ b/nms/.bashrc @@ -0,0 +1,16 @@ +NAME='NMS Docker' + + +ln -s /srv/tgmanage/web/etc/apache2/nms.tg16.gathering.org.conf /etc/apache2/sites-enabled/ +ln -s /srv/tgmanage/nms/config.pm /srv/tgmanage/include/ +echo 'demo:$apr1$IKrQYF6x$0zmRciLR7Clc2tEEosyHV.' > /srv/tgmanage/web/.htpasswd + +/etc/init.d/apache2 restart +echo "go here to look at nms: http://172.17.0.2:8080/" + +# Aliases +alias h="history" +alias l="ls -lAhoF --color --show-control-chars" +alias ll="ls -lash --color --show-control-chars" +alias cd..="cd .." + diff --git a/nms/Dockerfile.in b/nms/Dockerfile.in index b65168d..9f0dfd6 100644 --- a/nms/Dockerfile.in +++ b/nms/Dockerfile.in @@ -93,7 +93,8 @@ RUN a2enmod cgi  RUN sed -i 's/Listen 80/Listen 8080/g' /etc/apache2/ports.conf  RUN ln -s /srv/tgmanage/web/etc/apache2/nms.tg16.gathering.org.conf /etc/apache2/sites-enabled/  #(no, not for production, it's just demo:demo during development) -RUN echo 'demo:$apr1$IKrQYF6x$0zmRciLR7Clc2tEEosyHV.' > /srv/tgmanage/web/.htpasswd +RUN echo 'demo:$apr1$IKrQYF6x$0zmRciLR7Clc2tEEosyHV.' > /srv/tgmanage/web/htpasswd-read +RUN echo 'demo:$apr1$IKrQYF6x$0zmRciLR7Clc2tEEosyHV.' > /srv/tgmanage/web/htpasswd-write  RUN systemctl enable apache2  # Varnish shait diff --git a/nms/README.md b/nms/README.md index 4d310cb..9a23e8d 100644 --- a/nms/README.md +++ b/nms/README.md 
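Review bot: The `echo 'demo:$apr1$…' > /srv/tgmanage/web/.htpasswd` line writes a committed password hash to `.htpasswd`, while the Dockerfile.in hunk in this same commit moves the image to `htpasswd-read` and `htpasswd-write`. If the Apache site config now points at the new names (not visible here), this line no longer controls authentication and only leaves a stale credential file behind. The surrounding lines also run on every interactive shell start: the two `ln -s` calls fail once the links exist, and Apache is restarted each time a shell opens. I would move the setup into a one-shot entrypoint script, use `ln -sfn` for the links, and leave only the aliases in `.bashrc`.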
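Review bot: The new file names `htpasswd-read` and `htpasswd-write` drop the leading `.ht`, the pattern that Debian's stock Apache configuration refuses to serve (`<FilesMatch "^\.ht">` with `Require all denied`). Whether `/srv/tgmanage/web/` is reachable through a DocumentRoot or Alias is not visible in this hunk, but if it is, the hash files become downloadable. Keeping the prefix (`.htpasswd-read`, `.htpasswd-write`) or writing them outside the web tree avoids relying on that. Both files also receive the identical `demo` hash, so the read/write split gives no separation yet; a comment next to the existing "not for production" line saying the two are expected to diverge would help.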
@@ -2,21 +2,31 @@  ## Installation  - fetch data from tg server: `scp ${USER}@wat.gathering.org:/root/nms-2015.sql.gz .` +- Rename the nms dump so we can use it later: `mv nms-2015.sql.gz nms-dump.sql.gz` -- Do the Debian install(or whatever OS you're on.): https://docs.docker.com/engine/installation/linux/debian/ And make sure that your user is in the docker group, so that you can run docker without sudo.   +- Do the Debian install(or whatever OS you're on.):  +https://docs.docker.com/engine/installation/linux/debian/  +And make sure that your user is in the docker group, so that you can run docker without sudo.    - Clone repository: `git clone git@github.com:tech-server/tgmanage.git`  - run `./makedockerfiles.sh`, which creates the docker image files, and builds    them.  -- Start database node: `docker run -v /sys/fs/cgroup:/sys/fs/cgroup:ro --privileged --rm -ti --name=db nms-db` -- Start front end node: ` docker run -v /sys/fs/cgroup:/sys/fs/cgroup:ro --privileged --rm -ti --name=front --link=db:db nms-front ` -- Find IP's: `docker inspect front`, `docker instpect db` -- Start a shell in a container: `docker exec front /bin/bash` -- Open localhost:PORT in browser to start testing. +- Start database node:  +`docker run -v /sys/fs/cgroup:/sys/fs/cgroup:ro --privileged --rm -ti --name=db nms-db` +- Start front end node: +-- with cgroup: `docker run -v /sys/fs/cgroup:/sys/fs/cgroup:ro --privileged --rm -ti --name=front --link=db:db nms-front` +-- getting to prompt(without cgroup):  +`docker run -v "/home/kiro/repos/tgmanage:/srv/tgmanage" -v "/home/kiro/repos/tgmanage/nms/.bashrc:/root/.bashrc" -w "/srv/tgmanage/web/nms.gathering.org" \ +-rm=true -ti --name=front --privileged nms-front /bin/bash` +- Find IP's: +`docker inspect nms-db | grep "IPAddress\":"` +`docker inspect nms-front | grep "IPAddress\":"` -## TODO -- finish the installation guide above. +- Open the nms-front ip in the web browser. 
+http://172.17.0.2:8080/ + +- Note: `docker run -v /sys/fs/cgroup:/sys/fs/cgroup:ro --rm -ti` diff --git a/nms/config.pm b/nms/config.pm index faaeaa1..db9775f 100755 --- a/nms/config.pm +++ b/nms/config.pm @@ -6,9 +6,9 @@ package nms::config;  # DB  our $db_name = "nms"; -our $db_host = "db"; +our $db_host = "nms-dev-db.gathering.org";  our $db_username = "nms"; -our $db_password = "foobar"; +our $db_password = "nms-lol";  # NMS hash used for public NMS obfuscation of interface names  our $nms_hash = "<removed>"; diff --git a/nms/nms-dump.sql b/nms/nms-dump.sql index bbe141d..25ba3ac 100644 --- a/nms/nms-dump.sql +++ b/nms/nms-dump.sql @@ -44,17 +44,18 @@ SET default_tablespace = '';  SET default_with_oids = false;  -- --- Name: dhcp; Type: TABLE; Schema: public; Owner: postgres; Tablespace:  +-- Name: dhcp; Type: TABLE; Schema: public; Owner: nms; Tablespace:   --  CREATE TABLE dhcp (      switch integer, -    "time" timestamp without time zone, -    mac macaddr +    "time" timestamp with time zone, +    mac macaddr, +    ip inet  ); -ALTER TABLE dhcp OWNER TO postgres; +ALTER TABLE dhcp OWNER TO nms;  --  -- Name: linknet_ping; Type: TABLE; Schema: public; Owner: nms; Tablespace:  @@ -77,9 +78,11 @@ ALTER TABLE linknet_ping OWNER TO nms;  CREATE TABLE linknets (      linknet integer NOT NULL,      switch1 integer NOT NULL, -    addr1 inet NOT NULL, +    addr1 inet,      switch2 integer NOT NULL, -    addr2 inet NOT NULL +    addr2 inet, +    port1 character varying(10), +    port2 character varying(10)  ); @@ -162,7 +165,7 @@ CREATE TABLE seen_mac (  ALTER TABLE seen_mac OWNER TO nms;  -- --- Name: snmp; Type: TABLE; Schema: public; Owner: postgres; Tablespace:  +-- Name: snmp; Type: TABLE; Schema: public; Owner: nms; Tablespace:   --  CREATE TABLE snmp ( 
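Review bot: `our $db_password = "nms-lol";` commits a cleartext database password in nms/config.pm together with a resolvable host name (`nms-dev-db.gathering.org`), whereas the previous values (`db` / `foobar`) only had meaning inside the linked containers. The line just below shows the project already scrubs `$nms_hash` to `<removed>`, and the pg_hba.conf hunk in this commit opens the `nms` role to several networks, so this string should get the same treatment. I would read it from the environment, for example `our $db_password = $ENV{NMS_DB_PASSWORD} // die "NMS_DB_PASSWORD not set";` (variable name is only an example), and rotate the password since it is now in history. The package body continues outside the hunk.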
@@ -176,7 +179,7 @@ CREATE TABLE snmp (  ALTER TABLE snmp OWNER TO nms;  -- --- Name: snmp_id_seq; Type: SEQUENCE; Schema: public; Owner: postgres +-- Name: snmp_id_seq; Type: SEQUENCE; Schema: public; Owner: nms  --  CREATE SEQUENCE snmp_id_seq @@ -190,7 +193,7 @@ CREATE SEQUENCE snmp_id_seq  ALTER TABLE snmp_id_seq OWNER TO nms;  -- --- Name: snmp_id_seq; Type: SEQUENCE OWNED BY; Schema: public; Owner: postgres +-- Name: snmp_id_seq; Type: SEQUENCE OWNED BY; Schema: public; Owner: nms  --  ALTER SEQUENCE snmp_id_seq OWNED BY snmp.id; @@ -252,19 +255,26 @@ ALTER TABLE switch_temp OWNER TO nms;  CREATE TABLE switches (      switch integer DEFAULT nextval(('"switches_switch_seq"'::text)::regclass) NOT NULL, -    ip inet, +    mgmt_v4_addr inet,      sysname character varying NOT NULL,      switchtype character varying DEFAULT 'ex2200'::character varying NOT NULL,      last_updated timestamp with time zone,      locked boolean DEFAULT false NOT NULL,      poll_frequency interval DEFAULT '00:01:00'::interval NOT NULL, -    community character varying DEFAULT 'public'::character varying NOT NULL, +    community character varying DEFAULT 'FullPuppTilNMS'::character varying NOT NULL,      lldp_chassis_id character varying, -    secondary_ip inet, +    mgmt_v6_addr inet,      placement box,      subnet4 cidr,      subnet6 cidr, -    distro character varying +    distro_name character varying, +    distro_phy_port character varying(100), +    mgmt_v6_gw inet, +    mgmt_v4_gw inet, +    mgmt_vlan integer DEFAULT 666, +    traffic_vlan integer, +    last_config_fetch timestamp with time zone, +    current_mac macaddr  ); 
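Review bot: In the `CREATE TABLE switches` hunk, `community character varying DEFAULT 'FullPuppTilNMS'::character varying NOT NULL` replaces the placeholder `'public'` with what looks like a real SNMP community string, so the value is now stored in the committed schema and applied to every row inserted without an explicit community. SNMP v1/v2c communities are effectively passwords for the switches, so I would keep `'public'` (or no default) in the dump and set the real default per deployment with an `ALTER TABLE switches ALTER COLUMN community SET DEFAULT …` run outside the repository. If the string is already in use on devices, treat it as disclosed. The table also lacks any comment on the new `mgmt_*` columns; a short `COMMENT ON COLUMN` for `mgmt_vlan` explaining the `666` default would help readers.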
@@ -285,6 +295,17 @@ CREATE SEQUENCE switches_switch_seq  ALTER TABLE switches_switch_seq OWNER TO nms;  -- +-- Name: test_table; Type: TABLE; Schema: public; Owner: nms; Tablespace:  +-- + +CREATE TABLE test_table ( +    test timestamp with time zone +); + + +ALTER TABLE test_table OWNER TO nms; + +--  -- Name: linknet; Type: DEFAULT; Schema: public; Owner: nms  -- @@ -292,7 +313,7 @@ ALTER TABLE ONLY linknets ALTER COLUMN linknet SET DEFAULT nextval('linknets_lin  -- --- Name: id; Type: DEFAULT; Schema: public; Owner: postgres +-- Name: id; Type: DEFAULT; Schema: public; Owner: nms  --  ALTER TABLE ONLY snmp ALTER COLUMN id SET DEFAULT nextval('snmp_id_seq'::regclass); @@ -354,14 +375,28 @@ ALTER TABLE ONLY switches  -- --- Name: dhcp_switch; Type: INDEX; Schema: public; Owner: postgres; Tablespace:  +-- Name: dhcp_ip; Type: INDEX; Schema: public; Owner: nms; Tablespace:  +-- + +CREATE INDEX dhcp_ip ON dhcp USING btree (ip); + + +-- +-- Name: dhcp_mac; Type: INDEX; Schema: public; Owner: nms; Tablespace:  +-- + +CREATE INDEX dhcp_mac ON dhcp USING btree (mac); + + +-- +-- Name: dhcp_switch; Type: INDEX; Schema: public; Owner: nms; Tablespace:   --  CREATE INDEX dhcp_switch ON dhcp USING btree (switch);  -- --- Name: dhcp_time; Type: INDEX; Schema: public; Owner: postgres; Tablespace:  +-- Name: dhcp_time; Type: INDEX; Schema: public; Owner: nms; Tablespace:   --  CREATE INDEX dhcp_time ON dhcp USING btree ("time"); @@ -375,6 +410,13 @@ CREATE INDEX ping_index ON ping USING btree ("time");  -- +-- Name: ping_secondary_index; Type: INDEX; Schema: public; Owner: nms; Tablespace:  +-- + +CREATE INDEX ping_secondary_index ON ping_secondary_ip USING btree ("time"); + + +--  -- Name: polls_ifname; Type: INDEX; Schema: public; Owner: nms; Tablespace:   -- 
@@ -417,21 +459,21 @@ CREATE INDEX seen_mac_seen ON seen_mac USING btree (seen);  -- --- Name: snmp_time; Type: INDEX; Schema: public; Owner: postgres; Tablespace:  +-- Name: snmp_time; Type: INDEX; Schema: public; Owner: nms; Tablespace:   --  CREATE INDEX snmp_time ON snmp USING btree ("time");  -- --- Name: snmp_time15; Type: INDEX; Schema: public; Owner: postgres; Tablespace:  +-- Name: snmp_time15; Type: INDEX; Schema: public; Owner: nms; Tablespace:   --  CREATE INDEX snmp_time15 ON snmp USING btree (id, switch);  -- --- Name: snmp_time6; Type: INDEX; Schema: public; Owner: postgres; Tablespace:  +-- Name: snmp_time6; Type: INDEX; Schema: public; Owner: nms; Tablespace:   --  CREATE INDEX snmp_time6 ON snmp USING btree ("time" DESC, switch); @@ -466,7 +508,7 @@ CREATE INDEX updated_index3 ON ping_secondary_ip USING btree ("time");  -- --- Name: dhcp_switch_fkey; Type: FK CONSTRAINT; Schema: public; Owner: postgres +-- Name: dhcp_switch_fkey; Type: FK CONSTRAINT; Schema: public; Owner: nms  --  ALTER TABLE ONLY dhcp @@ -474,7 +516,7 @@ ALTER TABLE ONLY dhcp  -- --- Name: snmp_switch_fkey; Type: FK CONSTRAINT; Schema: public; Owner: postgres +-- Name: snmp_switch_fkey; Type: FK CONSTRAINT; Schema: public; Owner: nms  --  ALTER TABLE ONLY snmp 
@@ -513,6 +555,67 @@ REVOKE ALL ON SCHEMA public FROM PUBLIC;  REVOKE ALL ON SCHEMA public FROM postgres;  GRANT ALL ON SCHEMA public TO postgres;  GRANT ALL ON SCHEMA public TO PUBLIC; +GRANT ALL ON SCHEMA public TO fap; + + +-- +-- Name: dhcp; Type: ACL; Schema: public; Owner: nms +-- + +REVOKE ALL ON TABLE dhcp FROM PUBLIC; +REVOKE ALL ON TABLE dhcp FROM nms; +GRANT ALL ON TABLE dhcp TO nms; +GRANT ALL ON TABLE dhcp TO fap; + + +-- +-- Name: linknet_ping; Type: ACL; Schema: public; Owner: nms +-- + +REVOKE ALL ON TABLE linknet_ping FROM PUBLIC; +REVOKE ALL ON TABLE linknet_ping FROM nms; +GRANT ALL ON TABLE linknet_ping TO nms; +GRANT ALL ON TABLE linknet_ping TO fap; + + +-- +-- Name: linknets; Type: ACL; Schema: public; Owner: nms +-- + +REVOKE ALL ON TABLE linknets FROM PUBLIC; +REVOKE ALL ON TABLE linknets FROM nms; +GRANT ALL ON TABLE linknets TO nms; +GRANT ALL ON TABLE linknets TO fap; + + +-- +-- Name: ping; Type: ACL; Schema: public; Owner: nms +-- + +REVOKE ALL ON TABLE ping FROM PUBLIC; +REVOKE ALL ON TABLE ping FROM nms; +GRANT ALL ON TABLE ping TO nms; +GRANT ALL ON TABLE ping TO fap; + + +-- +-- Name: ping_secondary_ip; Type: ACL; Schema: public; Owner: nms +-- + +REVOKE ALL ON TABLE ping_secondary_ip FROM PUBLIC; +REVOKE ALL ON TABLE ping_secondary_ip FROM nms; +GRANT ALL ON TABLE ping_secondary_ip TO nms; +GRANT ALL ON TABLE ping_secondary_ip TO fap; + + +-- +-- Name: polls; Type: ACL; Schema: public; Owner: nms +-- + +REVOKE ALL ON TABLE polls FROM PUBLIC; +REVOKE ALL ON TABLE polls FROM nms; +GRANT ALL ON TABLE polls TO nms; +GRANT ALL ON TABLE polls TO fap;  -- 
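Review bot: Each added `GRANT ALL ON TABLE … TO fap;` gives the new role every table privilege, including TRUNCATE, REFERENCES and TRIGGER, and `GRANT ALL ON SCHEMA public TO fap;` adds CREATE in the schema. The same pattern repeats in the following ACL hunks for seen_mac, snmp, switch_comments, switch_temp, switches and test_table. What `fap` actually does is not visible here, so it would be worth stating that and narrowing the grants to match, for example `GRANT USAGE ON SCHEMA public TO fap;` and `GRANT SELECT, INSERT, UPDATE ON TABLE switches TO fap;`. The dump also never creates the `fap` role, so restoring it into a fresh database (the README flow) will presumably fail on these statements unless the role is created first.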
@@ -522,26 +625,48 @@ GRANT ALL ON SCHEMA public TO PUBLIC;  REVOKE ALL ON TABLE seen_mac FROM PUBLIC;  REVOKE ALL ON TABLE seen_mac FROM nms;  GRANT ALL ON TABLE seen_mac TO nms; +GRANT ALL ON TABLE seen_mac TO fap;  -- --- Name: snmp; Type: ACL; Schema: public; Owner: postgres +-- Name: snmp; Type: ACL; Schema: public; Owner: nms  --  REVOKE ALL ON TABLE snmp FROM PUBLIC; -REVOKE ALL ON TABLE snmp FROM postgres; -GRANT ALL ON TABLE snmp TO postgres; +REVOKE ALL ON TABLE snmp FROM nms;  GRANT ALL ON TABLE snmp TO nms; +GRANT ALL ON TABLE snmp TO postgres; +GRANT ALL ON TABLE snmp TO fap;  -- --- Name: snmp_id_seq; Type: ACL; Schema: public; Owner: postgres +-- Name: snmp_id_seq; Type: ACL; Schema: public; Owner: nms  --  REVOKE ALL ON SEQUENCE snmp_id_seq FROM PUBLIC; -REVOKE ALL ON SEQUENCE snmp_id_seq FROM postgres; -GRANT ALL ON SEQUENCE snmp_id_seq TO postgres; +REVOKE ALL ON SEQUENCE snmp_id_seq FROM nms;  GRANT ALL ON SEQUENCE snmp_id_seq TO nms; +GRANT ALL ON SEQUENCE snmp_id_seq TO postgres; + + +-- +-- Name: switch_comments; Type: ACL; Schema: public; Owner: nms +-- + +REVOKE ALL ON TABLE switch_comments FROM PUBLIC; +REVOKE ALL ON TABLE switch_comments FROM nms; +GRANT ALL ON TABLE switch_comments TO nms; +GRANT ALL ON TABLE switch_comments TO fap; + + +-- +-- Name: switch_temp; Type: ACL; Schema: public; Owner: nms +-- + +REVOKE ALL ON TABLE switch_temp FROM PUBLIC; +REVOKE ALL ON TABLE switch_temp FROM nms; +GRANT ALL ON TABLE switch_temp TO nms; +GRANT ALL ON TABLE switch_temp TO fap;  -- @@ -551,6 +676,17 @@ GRANT ALL ON SEQUENCE snmp_id_seq TO nms;  REVOKE ALL ON TABLE switches FROM PUBLIC;  REVOKE ALL ON TABLE switches FROM nms;  GRANT ALL ON TABLE switches TO nms; +GRANT ALL ON TABLE switches TO fap; + + +-- +-- Name: test_table; Type: ACL; Schema: public; Owner: nms +-- + +REVOKE ALL ON TABLE test_table FROM PUBLIC; +REVOKE ALL ON TABLE test_table FROM nms; +GRANT ALL ON TABLE test_table TO nms; +GRANT ALL ON TABLE test_table TO fap;  -- 
diff --git a/nms/note b/nms/note deleted file mode 100644 index 58adfa6..0000000 --- a/nms/note +++ /dev/null @@ -1 +0,0 @@ -# docker run -v /sys/fs/cgroup:/sys/fs/cgroup:ro --rm -ti  diff --git a/nms/pg_hba.conf b/nms/pg_hba.conf index d026e1a..9b23a31 100644 --- a/nms/pg_hba.conf +++ b/nms/pg_hba.conf @@ -95,6 +95,22 @@ host    all             all             ::1/128                 md5  host	nms		nms		172.17.0.0/16		md5 +# NOC-nett +host	nms		nms		185.110.150.0/25	md5 +host	nms		nms		2a06:5841:150a::0/64	md5 + +host	nms		fap		185.110.150.0/25	md5 +host	nms		fap		2a06:5841:150a::0/64	md5 + +# Server-nett +host	nms		nms		185.110.148.0/26	md5 +host	nms		nms		2a06:5841:1337::0/64	md5 + +host	nms		fap		185.110.148.0/26	md5 +host	nms		fap		2a06:5841:1337::0/64	md5 +# r2-d2 med mer +host	nms		nms		185.110.149.0/26	md5 +  # Allow replication connections from localhost, by a user with the  # replication privilege.  #local   replication     postgres                                peer diff --git a/nms/postgresql.conf b/nms/postgresql.conf index 23241a7..dee1129 100644 --- a/nms/postgresql.conf +++ b/nms/postgresql.conf 
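Review bot: All the added pg_hba.conf rules use `host`, which matches both TLS and plaintext connections, and they now admit the `nms` and `fap` roles from routable ranges such as `185.110.150.0/25` and `2a06:5841:150a::0/64` rather than only the Docker bridge network. With `md5` the password is not sent in the clear, but every query and result crossing those networks can be. The postgresql.conf hunk header in this commit shows an `ssl_key_file` configured, so assuming `ssl = on`, switching the entries to `hostssl`, e.g. `hostssl	nms	nms	185.110.150.0/25	md5`, would enforce encryption. The `# r2-d2 med mer` entry would also benefit from a comment naming which hosts in `185.110.149.0/26` need access, since it is the only range without a matching `fap` or IPv6 line.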
@@ -113,19 +113,19 @@ ssl_key_file = '/etc/ssl/private/ssl-cert-snakeoil.key'		# (change requires rest  # - Memory - -shared_buffers = 2048MB			# min 128kB +shared_buffers = 76GB			# min 128kB  					# (change requires restart)  #huge_pages = try			# on, off, or try  					# (change requires restart) -#temp_buffers = 8MB			# min 800kB +temp_buffers = 32MB			# min 800kB  #max_prepared_transactions = 0		# zero disables the feature  					# (change requires restart)  # Note:  Increasing max_prepared_transactions costs ~600 bytes of shared memory  # per transaction slot, plus lock space (see max_locks_per_transaction).  # It is not advisable to set max_prepared_transactions nonzero unless you  # actively intend to use prepared transactions. -#work_mem = 4MB				# min 64kB -#maintenance_work_mem = 64MB		# min 1MB +work_mem = 16MB				# min 64kB +maintenance_work_mem = 256MB		# min 1MB  #autovacuum_work_mem = -1		# min 1MB, or -1 to use maintenance_work_mem  #max_stack_depth = 2MB			# min 100kB  dynamic_shared_memory_type = posix	# the default is the first option @@ -173,7 +173,7 @@ dynamic_shared_memory_type = posix	# the default is the first option  # - Settings - -#wal_level = minimal			# minimal, archive, hot_standby, or logical +wal_level = archive			# minimal, archive, hot_standby, or logical  					# (change requires restart)  #fsync = on				# turns forced synchronization on or off  #synchronous_commit = on		# synchronization level;  | 
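Review bot: `shared_buffers = 76GB` in the first hunk is sized for one specific production host, but this file sits in the same `nms/` directory the README uses to build the development containers. If the `nms-db` image picks up this postgresql.conf (not visible here), PostgreSQL will refuse to start on any machine that cannot allocate that much shared memory. I would keep the repository default small and put the production sizing in a separate override file, or add a comment such as `# sized for the production DB host; lower for Docker/dev`. In the second hunk, `wal_level = archive` is enabled with no `archive_mode` or `archive_command` change in view, so a comment on what consumes the archive-level WAL would help.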
