From 6a0e6b922827fdff33da8e3539955f08d2522cea Mon Sep 17 00:00:00 2001 From: Sonal Mittal <62133890+Sonal0409@users.noreply.github.com> Date: Tue, 13 Apr 2021 21:28:49 -0400 Subject: [PATCH 1/3] Update Kubernetes_setup.txt --- Kubernetese/Kubernetes_setup.txt | 52 ++++++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) diff --git a/Kubernetese/Kubernetes_setup.txt b/Kubernetese/Kubernetes_setup.txt index d26e741..8b85f08 100644 --- a/Kubernetese/Kubernetes_setup.txt +++ b/Kubernetese/Kubernetes_setup.txt @@ -55,6 +55,58 @@ how to find kubeadm join token later kubeadm token create --print-join-command --ttl=0 +## Install Kubernetes on CENTOS +### Step1: `On All Machines ( Master & All nodes ):` + + ### Set SELinux in permissive mode (effectively disabling it) + + setenforce 0 + sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config + + ### Install Docker + + sudo yum remove -y docker docker-client docker-client-latest docker-common docker-latest docker-latest-logrotate docker-logrotate docker-engine docker-ce docker-ce-cli containerd.io + sudo yum install -y yum-utils device-mapper-persistent-data lvm2 + sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo + sudo yum install -y docker-ce docker-ce-cli containerd.io + systemctl enable --now docker + systemctl start docker + + ### Install kubeadm,kubelet,kubectl + + cat < /etc/yum.repos.d/kubernetes.repo + [kubernetes] + name=Kubernetes + baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64 + enabled=1 + gpgcheck=1 + repo_gpgcheck=1 + gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg + EOF + + yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes + systemctl enable --now kubelet + +### Step2: `On Master only:` + + sudo kubeadm init --ignore-preflight-errors=all + + sudo mkdir -p $HOME/.kube + sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config + sudo chown $(id -u):$(id -g) $HOME/.kube/config + + ## Weave Pod Network + kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')" + + kubectl get nodes + kubectl get all --all-namespaces + +### Step3: `On Nodes only:` + + copy the kubeadm join token from master & run it on all nodes + + Ex: kubeadm join 10.128.15.231:6443 --token mks3y2.v03tyyru0gy12mbt \ + --discovery-token-ca-cert-hash sha256:3de23d42c7002be0893339fbe558ee75e14399e11f22e3f0b34351077b7c4b56 From 8e94f9c2fc3442d94123550332c9467b46d3533c Mon Sep 17 00:00:00 2001 From: Sonal Mittal <62133890+Sonal0409@users.noreply.github.com> Date: Tue, 13 Apr 2021 23:46:05 -0400 Subject: [PATCH 2/3] Create NagiosXI --- Nagios/NagiosXI | 199 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 199 insertions(+) create mode 100644 Nagios/NagiosXI diff --git a/Nagios/NagiosXI b/Nagios/NagiosXI new file mode 100644 index 0000000..77fc88d --- /dev/null +++ b/Nagios/NagiosXI @@ -0,0 +1,199 @@ +NAGIOS XI + +Create a virtual machine with 4GB ram on GCP + +Install docker on it + +sudo apt-get update +sudo apt-get install -y apt-transport-https ca-certificates curl software-properties-common + +curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - +sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" +sudo apt-get update ; clear +sudo apt-get install -y docker-ce +sudo service docker start + +RUN the below image to create a container for nagiosxi + +docker run -d -p 80:80 --name nagiosxi lerndevops/nagios:xi5.5.6 + +It is a heavy image, it will take time to create the container + +take externalip:80 to access nagiosxi frontend +> click on access nagiosxi +> set the timezone to new delhi +> press next +> USername=> nagiosadmin +> password => nagiosadmin +> give email address + +> click finish install + +> Click on login to Nagios XI +> give username : nagiosadmin + password as nagiosadmin + +> agree on agreement and click on submit + +On host summary you will see 1 host, that it is monitoring itself + +Setup complete. + +Scenario 1: monitor a lInux host +*************************** + +for nagios server to monitor any other host machine, we have to first make chnages on the host machine +we have to install NRPE plugin on the linux slave/host machine + +For that : + +go to configure --> configure wizards --> select linux server + +provide external ip of slave VM + +select os as ubuntu + +press next + +Click on Agent installation instructions + +Execute following steps from the document + +Installing The Agent +Download the Linux NRPE agent to the /tmp directory on the Linux server you wish to monitor. +cd /tmp +wget https://assets.nagios.com/downloads/nagiosxi/agents/linux-nrpe-agent.tar.gz +Unpack the installation archive you just downloaded: +tar xzf linux-nrpe-agent.tar.gz +Enter the newly created agent subdirectory: +cd linux-nrpe-agent + +Run the wrapper script as root (if using Ubuntu you'll need to either run sudo -i to run as root or run the +command with sudo in front): +./fullinstall + +It will take some time to update + + +Go back to nagios xi + +configure wixard--> linux server--> give details--press next -- + +explain monitoring settings + + +ALLOW FROM on VM2 +give as : 0.0.0.0/0 ==> give all addresses + +Agent/slave set up is done + +Go to nagios xi front end and click on finish + +go to HOME + +2 host will be avialble now + +click on the new google host + +on right side you can generate report, send email +you can group the servers als + + +*********************** + +Scenario2: + +Service level monitoring + +Go to slave machine and install nginx server onit, not container, its webserver we are installing + +# apt-get install nginx -y + +# ps -ef|grep nginx + +will give nginx is up and running + +this nginx service we want to monitor from nagiosxi + +for this + +go to configure wizrd--> select service tcp/UDP port + +Server address : give ip address of slave server where nginx is running + +server port : http + +Custom server port : + +port number : 80 +port/application name : nginx webserver +press next +press finsih + + +it will take time to reflect + +Scenario3: bring down nagios webserver and see if really the data and service are being monitored or not + +Go to VM2 --slave machine and stop nginx server + +# service nginx stop + +now got o nagiosxi and click on service nginx webserver + + +Click on force immediate check + +status will be Critical + +Click on acknowledge this problem + +you name and time will be given + +This is port level monitoring or service level monitoring + +*********** + +Service 4: Monitor a URL + +got o configure wizard --> select website URL + +give url as www.google.com + +press next + + +we will check the url status here + +clcik on fisinsh + +go to home and see 3 hosts will be there + +you can also configure your url also for monitoring firends + +********** + +Go to reports section on top.. you can schedule reports also , send reports +download pdf format of reports +send as email + + +You cna also create dashboards +manage dashlets to see specific data + + + + + + + + + + + +click on finish + + + + + From 55c5830fbaaa91828a3df7930c7510e00f986882 Mon Sep 17 00:00:00 2001 From: Sonal Mittal <62133890+Sonal0409@users.noreply.github.com> Date: Mon, 19 Apr 2021 08:50:16 -0400 Subject: [PATCH 3/3] Creating A Wordpress application using Kubernetes --- Kubernetese/WordpressApp | 166 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 166 insertions(+) create mode 100644 Kubernetese/WordpressApp diff --git a/Kubernetese/WordpressApp b/Kubernetese/WordpressApp new file mode 100644 index 0000000..7891541 --- /dev/null +++ b/Kubernetese/WordpressApp @@ -0,0 +1,166 @@ +--- +kind: PersitentVolumeClaim +apiVersion: v1 +metadata: + name: mysql-volumeclaim +spec: + accessMode: + - ReadWriteOnce + resources: + requests: + storage: 200Gi + + #Here we are just making a claim for 200GB Volume in Read-write mode +#The volume will be provisioned first, and then it will be claimed by our MySQL pod +# Now we can create deployment file for our MySQL pod + + +--- +piVersion: apps/v1 +kind: Deployment +metadata: + name: mysql + labels: + app: mysql +spec: + replicas: 1 + selector: + matchLabels: + app: mysql + template: + metadata: + labels: + app: mysql + spec: + containers: + - image: mysql:5.6 + name: mysql + env: + - name: MYSQL_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: mysql + key: password + ports: + - containerPort: 3306 + name: mysql + volumeMounts: + - name: mysql-persistent-storage + mountPath: /var/lib/mysql + volumes: + - name: mysql-persistent-storage + persistentVolumeClaim: + claimName: mysql-volumeclaim + +Here we are only creating a single replica, so we don’t have any issue with our read-write volume +We are passing a Environment variable in our MySQL container for its root password using a secret object. +Now, if you look at our mysql-deployment.yaml you can see we are associating our persistent volume object with this deployment and then mounting it inside the MySQL container + +Now we will create mysql-service.yaml +This will create an internal service to access our MySQL deployment + +--- +apiVersion: v1 +kind: Service +metadata: + name: mysql + lables: + app: mysql + spec: + type: ClusterIP + ports: + - port: 3306 + selector: + app: mysql + +We will create a persistent volume claim for our Wordpress Application + +--- +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: wordpress-volumeclaim +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 200Gi + + +create a deployment.yaml for Wordpress application. + +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: wordpress + labels: + app: wordpress +spec: + replicas: 1 + selector: + matchLabels: + app: wordpress + template: + metadata: + labels: + app: wordpress + spec: + containers: + - image: wordpress + name: wordpress + env: + - name: WORDPRESS_DB_HOST + value: mysql:3306 + - name: WORDPRESS_DB_PASSWORD + valueFrom: + secretKeyRef: + name: mysql + key: password + ports: + - containerPort: 80 + name: wordpress + volumeMounts: + - name: wordpress-persistent-storage + mountPath: /var/www/html + volumes: + - name: wordpress-persistent-storage + persistentVolumeClaim: + claimName: wordpress-volumeclaim + + + #create a service definition to expose our Wordpress Application for the outside world + + --- + + apiVersion: v1 +kind: Service +metadata: + labels: + app: wordpress + name: wordpress +spec: + type: LoadBalancer + ports: + - port: 80 + targetPort: 80 + protocol: TCP + selector: + app: wordpress + + + +kubectl apply -f mysql-volumeclaim.yaml -f wordpress-volumeclaim.yaml +kubectl get pvc +kubectl create secrete generic mysql --from-literal=password=YOURPASSWORD +kubectl apply -f mysql-deployments.yaml -f mysql-service.yaml +kubectl get pods +kubectl get svc +kubectl apply -f wordpress-deployment.yaml -f wordpress-serice.yaml +kubectl get pods +kubectl get svc + +You will get public IP for your Wordpress blog copy it and past it in a new tab of browser.And you get the Wordpress initial setup tour something like this. + +Thanks.