Toolpack Prerequisites for CentOS 5

From TBwiki
Revision as of 17:03, 17 May 2016 by Lucas Trottier (Talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Applies to version(s) v2.5 to v2.9


This page shows the prerequisites to install Toolpack for a 64 bits CentOS 5.7 with the use of TelcoBridges repository.

WARNING: The host MUST have at least CentOS 5.5 installed. If you don't want to update your CentOS version to the latest version or want to install the prerequisites for a I386 (32 bits) platform, please follow the manual procedure instead.

WARNING: If you followed the manual procedure on the system before, you MUST NOT use the steps on this page before doing a cleanup of the previously installed files. You should ask Telcobridges support for help with the cleanup.

Contents

Install the base CentOS 5 server

Download the following DVD image and install it using the "Minimal" package set:

http://download.distribution.telcobridges.com/3rdparty/prerequisite/bin/centos/CentOS-5.7-x86_64-bin-DVD.iso

Press Enter to start the graphical installation:

  • Set a hostname (make sure it is not localhost.localdomain)
  • In the screen asking the set of software to install, uncheck "Desktop - Gnome" (unless you want to have the GUI)

Configure TelcoBridges repository

Online repository procedure

This procedure requires internet access and a DNS configured on your unit

Add TelcoBridges repository file

vim /etc/yum.repos.d/TB-Base.repo

Paste the following information in that file:

# TelcoBridges-Base.repo
#
# This repository is using TelcoBridges frozen version of CentOS
# to help client installing the required version of the
# applications required to run Toolpack
#

[tb-base]
name=TelcoBridges-$releasever - Base
baseurl=http://repo.telcobridges.com/centos/5/os/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5-tb

#released updates
[tb-updates]
name=TelcoBridges-$releasever - Updates
baseurl=http://repo.telcobridges.com/centos/5/updates/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5-tb

Get TelcoBridges repository key

cd /etc/pki/rpm-gpg/
wget http://repo.telcobridges.com/centos/RPM-GPG-KEY-CentOS-5
rpm --import RPM-GPG-KEY-CentOS-5
wget http://repo.telcobridges.com/centos/RPM-GPG-KEY-CentOS-5-tb
rpm --import RPM-GPG-KEY-CentOS-5-tb

Offline repository procedure

This procedure does not requires internet access.

Install TelcoBridges repository locally

Download the .iso image of the repository

http://repo.telcobridges.com/centos/5/isos/x86_64/tb_centos5_x86_64_repo.iso
  • Upload this .iso file to the "/root" directory of the server with scp or a SFTP tool like FileZilla
  • Mount the .iso file on your server

Mount the .iso file on your server

mkdir -p /repo/centos/5
mount -t iso9660 -o loop /root/tb_centos5_x86_64_repo.iso /repo/centos/5

Add the mount point permanently to the system to make it stay after a reboot.

# cp /etc/fstab /etc/fstab.bak
# echo "/root/tb_centos5_x86_64_repo.iso /repo/centos/5 iso9660 loop 0 0" >> /etc/fstab

Add TelcoBridges repository file

vim /etc/yum.repos.d/TB-Base.repo

Paste the following information in that file:

# TelcoBridges-Base.repo
#
# This repository is using TelcoBridges frozen version of CentOS
# to help client installing the required version of the
# applications required to run Toolpack
#

[tb-base]
name=TelcoBridges-$releasever - Base
baseurl=file:///repo/centos/5/os/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5-tb

#released updates
[tb-updates]
name=TelcoBridges-$releasever - Updates
baseurl=file:///repo/centos/5/updates/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5-tb

Get TelcoBridges repository key

cd /etc/pki/rpm-gpg/
cp /repo/centos/5/RPM-GPG-KEY-CentOS-5 .
cp: overwrite `./RPM-GPG-KEY-CentOS-5'? y
rpm --import RPM-GPG-KEY-CentOS-5
cp /repo/centos/5/RPM-GPG-KEY-CentOS-5-tb .
rpm --import RPM-GPG-KEY-CentOS-5-tb

Update CentOS

Disable default CentOS repository

Add the following line in '/etc/yum.repos.d/CentOS-Base.repo' under the [base] and [updates section].

enabled=0

Example:

[base]
enabled=0
name=CentOS-$releasever - Base
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os
#baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5

#released updates
[updates]
enabled=0
name=CentOS-$releasever - Updates
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates
#baseurl=http://mirror.centos.org/centos/$releasever/updates/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5


Remove packages

Remove the following package

yum remove glibc.i686
yum remove selinux-policy-devel
yum remove system-config-network
yum remove dovecot

Package update

Update your system to the latest CentOS 5 version from TelcoBridges repositary.

yum clean metadata
yum update

If you have the following error:

warning: rpmts_HdrFromFdno: Header V4 DSA signature: NOKEY, key ID c8bf9d3a
Public key for package.rpm is not installed

Make sure that you have the correct gpgkey lines in /etc/yum.repos.d/TB-Base.repo and that the TelcoBridges keys are properly imported.

Reply to ARP only on local interfaces

Modify the file /etc/sysctl.conf to add the following lines:

 net.ipv4.conf.default.arp_ignore=1
 net.ipv4.conf.all.arp_ignore=1

Then restart network interfaces using the following command:

 /etc/init.d/network restart

Disabling SELinux

Check SELinux status

 sestatus

If SELinux is enable, see the Disabling SELinux article to disable it.

Disabling Firewall

chkconfig iptables off
service iptables stop

Apply kernel patches (if any)

shutdown -r now

Install Toolpack Prerequisites

When asked to 'Importing GPG key', answer yes.

yum groupinstall Toolpack-Prerequisites

Install Gem

wget http://download.distribution.telcobridges.com/3rdparty/prerequisite/bin/linux/bundler-1.2.3.gem
gem install --local ./bundler-1.2.3.gem
wget http://download.distribution.telcobridges.com/3rdparty/prerequisite/bin/linux/json-1.7.7.gem
gem install --local ./json-1.7.7.gem

Configure ODBC

vim /etc/odbcinst.ini

Remove the '#' in front of each lines of the [MySQL] section Modify the 'Driver' line to set the correct driver

Example for 32 bits system:

[MySQL]
Description     = ODBC for MySQL
Driver          = /usr/lib/libmyodbc5.so
Setup           = /usr/lib/libodbcmyS.so
FileUsage       = 1	


Example for 64 bits system:

[MySQL]
Description     = ODBC for MySQL
Driver          = /usr/lib64/libmyodbc5.so
Setup           = /usr/lib64/libodbcmyS.so
FileUsage       = 1

Configure MySQL

vim /etc/my.cnf

Add these variables in the file under the [mysqld] section:

  • log-bin
  • server-id=[UniqueId]

The server-id needs to be a non-zero unique value (do not use 0). If you use the host redundancy feature, the value needs to be different on each host .


Add max_allowed_packet to increase the maximum size of binary blobs in the database. Make sure it is in the [mysqld] section AND [mysqldump] section

 max_allowed_packet = 200MB


Add below to remove database dependencies with DNS servers (**Applicable to TMG users only)

 skip-name-resolve


Add this to make sure the mysql logs don't get too big

 expire_logs_days=30
 max_binlog_size=500M

Example:

[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
user=mysql
log-bin
server-id=5876
max_allowed_packet = 200MB
expire_logs_days=30
max_binlog_size=500M

# Default to using old password format for compatibility with mysql 3.x
# clients (those using the mysqlclient10 compatibility package).
old_passwords=1

# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links=0

# Added so that problems with DNS servers don't cause problems with the mysql DB
# Note: This is applicable only if you are using a TMG
skip-name-resolve

[mysqldump]
max_allowed_packet = 200MB

Enable and Start MySQL

service mysqld start
chkconfig mysqld on

Configure MySQL Users

  • Set password for the root user to 'tbdbpw' (TelcoBridges recommends that you set your own password for root)
  • Enable root connection from localhost only
  • Create a tbdb user (required by Toolpack)
  • Remove anonymous connection

Example:

/usr/bin/mysqladmin -u root password tbdbpw
mysql -uroot -ptbdbpw
DELETE FROM mysql.user WHERE !(Host = 'localhost' AND User = 'root');
FLUSH PRIVILEGES;
CREATE USER 'tbdb'@'%' IDENTIFIED BY 'tbdbpw';
GRANT ALL PRIVILEGES ON *.* TO 'tbdb'@'%' IDENTIFIED BY 'tbdbpw';
FLUSH PRIVILEGES;
exit

Toolpack Development Prerequisite (Optional)

The Toolpack System Development prerequisite section is only required for customers that will develop their own application using the Toolpack API:

yum install gcc-c++ libxml2-devel libpcap-devel unixODBC-devel libaio libaio-devel

Validation Guide (highly recommended)

If you would like to verify your installation go to the Toolpack Validation Guide


Toolpack System installation

Now that the prerequisite are installed, now it is time to install the Toolpack system

Personal tools