Difference between revisions of "OPS335 Archiving Lab"

From CDOT Wiki
Jump to: navigation, search
m (Corrected another command)
m (Added warning about allowing port 514 on internal network only)
Line 61: Line 61:
 
  $ModLoad imtcp
 
  $ModLoad imtcp
 
  $InputTCPServerRun 514
 
  $InputTCPServerRun 514
*Still on f17, restart syslog. NOTE: At this point you should use iptables to open up tcp port 514
+
*Still on f17, restart syslog. NOTE: At this point you should use iptables to open up tcp port 514 to your internal network only.
 
*Now on vm01 and use the logger command to verify logging messages are getting through to your f17 host. Try this command
 
*Now on vm01 and use the logger command to verify logging messages are getting through to your f17 host. Try this command
 
  logger -p user.warn "Hello World"
 
  logger -p user.warn "Hello World"

Revision as of 18:04, 20 December 2012

Automating System Backup

This lab will show you how to set up a Fedora installed system to be used for file backups.

Important.png
Prerequistites:
Your hard drive should have Fedora 17, 64 bit Live edition already installed and updated.
Ensure the clocks on both machines are set to the correct date and time.
If you have not already done so, remove the iptables rules preventing your host from pinging or SSH'ing your VMs, but leave the other rules intact.
  • Your host machines will be used to backup files from the virtual machines.

Using rsync and cron to automate system backup

  • Login to f17 using your learnid and open a terminal window. Then "su -" to root run the following two commands:
mkdir -p /backup/vm01
rsync -avz 192.168.x.2:/etc/ /backup/vm01
  • Still on f17 run this command to verify rsync worked correctly:
ls /backup/vm01/etc
  • Notice that when running rsync you had to enter the password for root on vm01. To automate this process so that it will run without requiring a password we'll use an RSA public/private key pair for passwordless authentication. To do this we'll have to generate an RSA public/private key pair on f17. We'll use an openssh command like this:
 ssh-keygen -t rsa
  • when you enter this command just hit ENTER for all the questions. Here's what I got when I ran it on my f17
 Generating public/private rsa key pair.
 Enter file in which to save the key (/root/.ssh/id_rsa):
 Enter passphrase (empty for no passphrase):
 Enter same passphrase again:
 Your identification has been saved in /root/.ssh/id_rsa.
 Your public key has been saved in /root/.ssh/id_rsa.pub.
 The key fingerprint is:
 f5:07:8c:aa:b6:08:e0:45:81:ca:d6:88:8c:aa:1a:7b root@f17@pcallagh.org
 The key's randomart image is:
 +--[ RSA 2048]----+
 |       o+++      |
 |    E .ooo..     |
 |     ...o.       |
 |       ...o     .|
 |       .S+ +   o.|
 |        . = . o .|
 |           o +   |
 |          o +    |
 |           . .   |
 +-----------------+
  • Now you'll need to copy f17's public rsa key over to vm01. Still on f17 use this command (be sure you have the /root/.ssh/ directory on vm01 - if you don't then make it first):
 scp /root/.ssh/id_rsa.pub 192.168.x.2:/root/.ssh/authorized_keys
  • Now verify that your new authentication method is working. Still on f17 try to ssh to vm01 as root. You should be able to login without entering a password. If you were successful then move on to the next step, otherwise repeat steps 3 and 4.
  • Install mailx on f17 if it's not already installed.
 yum -y install mailx
  • Now, still as root on f17, use the command 'crontab -e' to edit root's cron table. Insert the following line:(Instead of the IP Address "192.168.122.2", use the IP address of your vm01)
55 * * * * /usr/bin/rsync -avz 192.168.122.2:/etc/ /backup/vm01 
  • At 55 minutes past the hour rsync should synchronize the /etc/ directory of vm01 to the /backup/vm01/etc/ directory on f17. If this time has passed and you don't want to wait an hour for the next time rsync runs, just edit root's cron table on f17 and enter another time for the backup to take place.
  • You should convince yourself that /etc/ is being backed up by adding some file (say 'touch /etc/junk' on vm01) to /etc and then see if it was indeed copied to f17.
  • After the cron job runs, root on f17 should have received an email containing the output of the cron job. Verify this by using the mail command to check root's mail on f17.
  • Finally, edit root's cron table on f17 and add another record to backup the /home directory of vm01 to /backup/vm01/home on f17 once each week at 2am on Saturday.

Using syslog to route log files to a remote host

  • On your vm01 edit /etc/rsyslog.conf and make the following change:
#*.* @@remote-host:514
  • to
*.* @@192.168.x.x:514
  • where xxx is the IP of f17 host (your logging machine)
  • Now restart your rsyslog service
systemctl restart rsyslog.service
  • Go on your f17 host and edit /etc/rsyslog.conf and uncomment the following:
$ModLoad imtcp
$InputTCPServerRun 514
  • Still on f17, restart syslog. NOTE: At this point you should use iptables to open up tcp port 514 to your internal network only.
  • Now on vm01 and use the logger command to verify logging messages are getting through to your f17 host. Try this command
logger -p user.warn "Hello World"
  • Use the command "tail /var/log/messages" on the f17 host to view the results of the previous step.
  • Make the needed changes to have logging of all vm's take place on your host.

Answer the following questions and and email them to your teacher in ASCII text format

  1. Show the RSA public key generated on vm01. i.e. the file called id_rsa.pub.
  2. Explain the meaning of the -avz options on the rsync command.
  3. Provide root's cron table on vm01.
  4. What were the last two lines of the email sent to root upon completion of the cron job?
  5. What was the output of 'tail /var/log/messages' at the end of the lab?
  6. What is the output of the iptables-save command on vm01 at the end of this lab?