versuch.net

Add unsupported devices To be able to add unsupported devices, we need to have the device's mib file. On this tutorial, we use Fiberhome OLT as example. First, download the Fiberhome mib file from  here . For the observium enterprise/professional, It is already provided in the /opt/observium/mibs/fiberhome folder. Download the file and put in the /opt/observium/mibs/rfc. Check the device sysDescr and sysObjectID using snmpget command: [root@observium ~]# snmpget -v2c -c public fiberhome-olt .1.3.6.1.2.1.1.1.0 .1.3.6.1.2.1.1.2.0 -On .1.3.6.1.2.1.1.1.0 = STRING: "AN5516-01" .1.3.6.1.2.1.1.2.0 = OID: .1.3.6.1.4.1.5875.800.1001.11 Based on that result, the device needs to be defined in the config.php as follows:

If you do not have a trusted CA signed certificate file, you can alternatively generate a self-signed certificate file using the following command: openssl genrsa -out privkey.pem 2048 The next command will prompt for some identification details. Most of these don’t matter, but make sure the  Common Name  entered matches the value of  undercloud_public_vip  in undercloud.conf: openssl req -new -x509 -key privkey.pem -out cacert.pem -days 365 Combine the two files into one for HAProxy to use. The order of the files in this command matters, so do not change it: cat cacert.pem privkey.pem > undercloud.pem

Create 10 vm with 2 NIC: 1 Director Node: 2 CPU, 8G RAM, 40G Disk 3 Controller Node: 4 CPU, 32G RAM, 100G Disk 3 Compute Node: 4 CPU, 16G RAM, 100G Disk 3 Ceph Node: 4 CPU, 16G RAM, 60G Disk and 100G Disk Network Layout: Contents 1 Undercloud Installation 1.1 Create ssl certificate: 1.2 Download images 2 Register Nodes 3 Introspect Nodes 4 Tagging Nodes 5 Defining the Root Disk for Ceph Storage Nodes 6 Enabling Ceph Storage in the Overcloud 7 Formatting Ceph Storage Node Disks to GPT 8 Delpoy Nodes 9 Sources Undercloud Installation sudo yum install -y https://trunk.rdoproject.org/centos7/current/python2-tripleo-repos-0.0.1-0.20180418175107.ef4e12e.el7.centos.noarch.rpm sudo -E tripleo-repos -b newton current ceph then sudo yum install -y python-tripleoclient sudo yum install -y ceph-ansible cp /usr/share/instack-undercloud/undercloud.conf.sample ~/undercloud.conf

We can automatically install wordpress during instance creation on openstack. We only need to create the heat template and call it from orchestration menu. Below is the template example to install wordpress. Create file WordPress.yaml

To prevent user from uploading malicious script to cpanel, we need to scan the uploaded script from 2 most common ways the user upload the script. From cpanel upload interface. From ftp client. First we need to install clamdscan and maldet, after that we need to configure modsec on whm and use pure-uploadscript binary to call clamdscan or maldet to scan the uploaded file. Here are the steps: Create additional modsec config : nano /etc/apache2/conf.d/modsec/modsec2.user.conf SecRequestBodyAccess On SecTmpSaveUploadedFiles On SecRule FILES_TMPNAMES "@inspectFile /usr/local/maldetect/hookscan.sh" \                 "id:'999999',log,auditlog,deny,severity:2,phase:2,t:none" Then restart apache.