runnane Everything that matters ++

16Jun/140

Altibox without mediaconverter and ZyXEL

Background:

Much power consuming equipment and unnecessary hops in my rack pushed me to eliminating the Altibox mediaconverter and ZyXEL 2812 router.

The setup is usually:

Altibox BiDi 1310/1550 SM fiber -> SC Mediaconverter (tx1310 rx1550) -> ZyXEL 2812 router.

What I did was first tagging through the Internet VLAN from the mediaconverter via my switch to my ZyWALL USG-50. Step two will be to add a SFP to the switch to eliminate the mediaconverter. I used port 24 (dual personality GE copper/SFP) for the incoming trunk, and port 22 (GE copper) for the downlink to the switch.

Since i have my fibers terminated in a patch panel, I can use a SC-LC cable directly into a SFP.

I _could_ have added a WAN vlan on my ZyWALL USG-50 to route the traffic directly here, but that would mean having to reconfigure to an additional interface.

Tagged VLANS incoming from Altibox to 2812:

100: PROVISIONING/VOIP
101: TV
102: INTERNET

Howto:

  1. Enable bridging mode for your subscription on altibox.no partnerpage (not sure if this is needed)
  2. Configure vlan 102 on the switch
  3. Add tagged 102 to port 24
  4. Add untagged 102 to port 22
  5. Connect mediaconverter to 24
  6. Connect your own router to port 22
  7. (optional) Add SFP BiDi BX-D (tx1310 rx 1550) to port 24. If you have a SC port on your mediaconverter, you may need a SC to LC adapter, or SC-SC adapter with a SC-LC cable.

Notes:

Not sure if it is possible to tag vlans for TV, since I do not have these services, I am unable to experiment. Since VoIP require som sort of SIP user/pwd and reg server, this most certantly is impossible. TV should work if your switch is multicast enabled or "unaware".

Perhaps it is needed to to some MAC spoofing, but since bridging is possible, I will try without and see how it works.

Sources:

http://freak.no/forum/forumdisplay.php?f=118

 

4Jun/140

Check_MK bleeding edge

I have been doing som OMD/Check_MK bleeding edge testing and development, aswell as collecting interesting plugins and locals. Running a Debian Wheezy box on ESXi

My notes:

Get and install the last omd package (as of 3 june 2014):

wget "http://files.omdistro.org/nightly/2014-06-01/omd-1.11.20140601.wheezy.i386.deb"
dpkg -i omd-1.11.20140601.wheezy.i386.deb

Stop and upgrade the site:

omd stop <sitename>
omd update <sitename>
omd start  sitename>

Check for errors and reload

omd su <sitename>
cmk -R

Once in a while I've had some settings that do not upgrade successfully, and I've had to hunt bugs. One error that occurs, is the reset of NagVis rights when using MultisiteRights (http://mathias-kettner.de/checkmk_wato_nagvis_auth.html). This document has not been updated to reflect the latest changes, the file is now defined by a variable called "authorisation_multisite_file", which is placed at ~/var/check_mk/wato/auth/auth.php. This variable also must be set.

To fix this, i have to set these properties each time i upgrade:

omd su <sitename>
vim ~/etc/nagvis/conf.d/auth.ini.php

Add:

[global]
authorisationmodule="CoreAuthorisationModMultisite"
authorisation_multisite_file="/opt/omd/sites/<sitename>/var/check_mk/wato/auth/auth.php"

 

The new OMD packages has native support for ESXi host monitoring (and automatic mapping VM<->Hosts). See http://mathias-kettner.de/checkmk_vsphere.html. Check up on the section about piggybacking for mapping vm-names with wato-host-names if these are not identical.

Plugins that I use besides the automaticly installed ones:

lm-sensors package, neatly packed by BenV: http://notes.benv.junerules.com/lmsensors/

apache_status (update the servers variable to hardcode which servers to monitor - autodetect is not working as intended for multiple servers. I usually set it to "servers = [ ( 'http', '::1', 80 ),( 'https', '::1', 443 ) ]"

check_apt (for checking debian packages) http://exchange.check-mk.org/index.php?option=com_remository&Itemid=53&func=startdown&id=114

mk_mysql - needs username/pwd in configfile, so watch out.

2Jun/140

Monitoring Raspberry Pi fw versions with check_mk

Modified http://exchange.nagios.org/directory/Plugins/Hardware/Others/check_rpi_firmware/details to work with my omd/check_mk setup for monitoring firmware versions on rpi farm.

Code:

#/bin/bash
raw_firmware=`/opt/vc/bin/vcgencmd version`
date_version=`echo $raw_firmware | awk '{print $1,$2,$3,$4}'`
git_version=`echo $raw_firmware | awk '{print $10}'`
echo "0 RpiFirmwareVersion hash=($git_version) $date_version ($git_version)"
exit 0

Commands:

vim /usr/lib/check_mk_agent/local/RpiFirmwareVersion
chmod +x /usr/lib/check_mk_agent/local/RpiFirmwareVersion