GestióIP IPAM v3.0 IP address management software Installation Guide v0.4 www.gestioip.net GestióIP Copyright © Marc Uebel 2014 Installation Guide GestióIP IPAM v3.0 Table of Contents 1 Introduction....................................................................................................................................... 3 2 Requirements..................................................................................................................................... 3 3 System preparation............................................................................................................................ 3 3.1 Debian/Ubuntu........................................................................................................................... 3 3.2 Suse............................................................................................................................................ 4 3.3 Fedora, Redhat, CentOS............................................................................................................ 4 3.4 MySQL Database.......................................................................................................................5 4 Installation......................................................................................................................................... 5 4.1 Script based installation............................................................................................................. 5 4.2 Web based database configuration...........................................................................................13 5 Additional information.....................................................................................................................18 2 Installation Guide GestióIP IPAM v3.0 1 Introduction GestióIP comes with a script based installation assistant which guides through the installation process and helps to resolve GestióIP's dependencies. The installation consists of two parts. The script based part to install the required Perl modules and to configure the Apache web server and a web-based part to create and configure the Mysql database. If there are Perl modules missing, Setup will offer the option to install them automatically with the Linux distribution specific packet managers (yum, zypper, apt-get). But not all Perl modules are as packages for all distributions available. Setup offers the possibility to automatically download (from CPAN) and install the missing modules. That requires “wget” and “make” to be installed during the installation. VLAN discovery and parts of host discovery are based on the Perl module SNMP::Info. This requires that Netdisco's MIB files are installed on the system. Setup offers the option to automatically download and install required MIB files. 2 Requirements SO: Linux, Unix-like. Setup supports the following actual Linux distributions: Debian, Ubuntu, Fedora, Redhat, CentOS, SuSE Software: Apache2 with mod_perl, Mysql 4.x or 5.x (recommended: 5.x), Perl, some Perl modules, SNMP standard MIBs Hardware: DualCore CPU 2GHz, RAM: 2GB 3 System preparation GestióIP requires an Apache Web Server and a local or remote MysSQL database, as well as some SNMP MIBs. To install the required packages on the GestióIP server you can use the following commands: 3.1 Debian/Ubuntu $ sudo apt-get install make mysql-server mysql-client apache2 apache2-utils libapache2-mod-perl2 snmp snmp-mibs-downloader wget 3 Installation Guide GestióIP IPAM v3.0 The packet snmp-mibs-downloader is a “non-free” component. If apt-get does not find the package you need to activate the “non-free” repository in /etc/apt/sources.list. Add “contrib non-free” behind the main of every line: deb http://http.debian.net/debian/ wheezy main contrib non-free and execute “sudo apt-get update” to take the changes effect. Discovery via SNMP requires the SNMP MIBs are correctly loaded. For GestióIP, /etc/snmp/snmp.conf should not contain entries. Comment out the following line in /etc/snmp/snmp.conf: #mibs : (make is only required for the setup of GestióIP and can be uninstalled after finishing the installation of GestióIP (sudo apt-get remove make) 3.2 Suse Suse <= 12 $ sudo zypper install apache2 apache2-mod_perl apache2_utils mysql mysql-client make snmp-mibs net-snmp perl-SNMP wget Suse >=13 $ sudo zypper install apache2 apache2-mod_perl apache2_utils mariadb mariadb-client mariadberrormessages make snmp-mibs net-snmp perl-SNMP (Suse13 comes with MariaDB which is full compatible with GestióIP) (make is only required for the setup of GestióIP and can be uninstalled after finishing the installation of GestióIP (sudo zypper remove make) 3.3 Fedora, Redhat, CentOS $ sudo yum install httpd mod_perl mysql mysql-server make net-snmp net-snmp-utils wget checkpolicy Note: make is only required for the setup of GestióIP and can be uninstalled after finishing the 4 Installation Guide GestióIP IPAM v3.0 installation of GestióIP (sudo yum remove make) 3.4 MySQL Database After a new installation of the MySQL (MariaDB) database you might need to set the root password for database. Use the following command to set up a root password: $ mysqladmin -u root password “newpass” 4 Installation The installation of GestióIP consists in a script based installation assistant to install the software and a web based part to configure the Mysql database. 4.1 Script based installation Download GestióIP * Download GestióIP 3.0 IPAM from www.gestioip.net Install GestióIP * Open a shell and untar file gestioip_3.0.tar.gz: $ tar vzxf gestioip_3.0.tar.gz * Change to the new directory gestioip_3.0 $ cd gestioip_3.0 * Execute the script based installation assistant like root $ sudo ./setup_gestioip.sh You can stop the script at any point of time by typing CTRL C and execute it later again. Setup will write a log file called setup.log which is stored in the same folder as the script itself and contains all details of the installation. 5 Installation Guide GestióIP IPAM v3.0 Setup will propose a couple of parameters e.g. (“Where is Apache daemon binary?”). If you do not have special requirements you can confirm all default parameters by typing ENTER. [user@host gestioip_3.0]$ sudo ./setup_gestioip.sh This script will install GestioIP 3.0 on this computer Do you wish to continue [y]/n? Starting installation Starting GestioIP setup from folder /home/user/sources/gestioip_3.0 Storing log in file /home/user/sources/gestioip_3.0/setup.log +----------------------------------------------------------+ | Checking for Apache web server daemon... | +----------------------------------------------------------+ Where is Apache daemon binary [/usr/sbin/httpd]? OK, using Apache daemon /usr/sbin/httpd +----------------------------------------------------------+ | Checking for Apache main configuration file... | +----------------------------------------------------------+ Where is Apache main configuration file [/etc/httpd/conf/httpd.conf]? OK, using Apache main configuration file /etc/httpd/conf/httpd.conf +----------------------------------------------------------+ | Checking for Apache user account... | +----------------------------------------------------------+ Which user account is running Apache web server [apache]? OK, Apache is running under user account apache +----------------------------------------------------------+ | Checking for Apache group... | +----------------------------------------------------------+ Which user group is running Apache web server [apache]? OK, Apache is running under users group apache +----------------------------------------------------------+ | Checking for Apache Include configuration directory... | +----------------------------------------------------------+ Where is Apache Include configuration directory [/etc/httpd/conf.d/]? OK, using Apache Include configuration directory /etc/httpd/conf.d +----------------------------------------------------------+ | Checking for PERL Interpreter... | +----------------------------------------------------------+ Where is PERL Intrepreter binary [/usr/bin/perl]? OK, using PERL Intrepreter /usr/bin/perl 6 Installation Guide GestióIP IPAM v3.0 +----------------------------------------------------------+ | Checking for Apache mod_perl version... | +----------------------------------------------------------+ Checking for Apache mod_perl Apache mod_perl available - Good! +----------------------------------------------------------+ | Checking for required Perl Modules... | +----------------------------------------------------------+ Do you plan to import networks or hosts from spreadsheets [y]/n? Checking for DBI PERL module... Found that PERL module DBI is available. Checking for DBD-mysql PERL module... Found that PERL module DBD-mysql is available. Checking for Net::IP PERL module... *** ERROR ***: PERL module Net::IP is not installed! Checking for Net::Ping::External PERL module... Found that PERL module Net::Ping::External is available. Checking for Parallel::ForkManager PERL module... Found that PERL module Parallel::ForkManager is available. Checking for SNMP PERL module... Found that PERL module SNMP is available. Checking for SNMP::Info PERL module... *** ERROR ***: PERL module SNMP::Info is not installed! Checking for Mail::Mailer PERL module... Found that PERL module Mail::Mailer is available. Checking for Time::HiRes PERL module... Found that PERL module Time::HiRes is available. Checking for Date::Calc PERL module... Found that PERL module Date::Calc is available. Checking for Date::Manip PERL module... Found that PERL module Date::Manip is available. Checking for Net::DNS PERL module... Found that PERL module Net::DNS is available. Checking for Spreadsheet::ParseExcel PERL module... *** ERROR ***: PERL module Spreadsheet::ParseExcel is not installed! Checking for OLE::Storage_Lite PERL module... Found that PERL module OLE::Storage_Lite is available. 7 Installation Guide GestióIP IPAM v3.0 Checking for GD::Graph::pie PERL module... *** ERROR ***: PERL module GD::Graph::pie is not installed! Typically there are not all required Perl modules installed on the server. Setup is able to install all missing Perl modules. If there are packets for the required Perl module available, setup will install this packets with the Linux distribution specific packet manager (yum, apt-get, zypper). Perl modules which are not available as package will be downloaded from CPAN (www.cpan.org) and automatically be installed. ##### There are required Perl Modules missing ##### Setup can install the missing Modules Do you wish that Setup installs the missing Perl Modules now [y]/n? Executing sudo yum install perl-Net-IP perl-DBI perl-DBD-mysql perl-DateManip net-snmp-perl perl-Date-Calc perl-TimeDate perl-MailTools perl-Net-DNS perlTime-HiRes perl-GDGraph Loaded plugins: fastestmirror, refresh-packagekit Existing lock /var/run/yum.pid: another copy is running as pid 2156. Another app is currently holding the yum lock; waiting for it to exit... The other application is: PackageKit Memory : 25 M RSS ( 39 MB VSZ) Started: Wed Oct 5 14:26:25 2011 - 00:06 ago State : Sleeping, pid: 2156 Loading mirror speeds from cached hostfile * base: ftp.udl.es * extras: ftp.udl.es * updates: ftp.udl.es Setting up Install Process Package perl-DBI-1.609-4.el6.i686 already installed and latest version Package perl-DBD-MySQL-4.013-3.el6.i686 already installed and latest version Package perl-Date-Manip-5.54-4.el6.noarch already installed and latest version Package 1:net-snmp-perl-5.5-27.el6_0.1.i686 already installed and latest version Package perl-Date-Calc-6.3-2.el6.noarch already installed and latest version Package 1:perl-TimeDate-1.16-11.1.el6.noarch already installed and latest version Package perl-MailTools-2.04-4.el6.noarch already installed and latest version Package 4:perl-Time-HiRes-1.9721-115.el6.i686 already installed and latest version Resolving Dependencies --> Running transaction check ---> Package perl-GDGraph.noarch 1:1.44-7.el6 set to be updated ---> Package perl-Net-DNS.i686 0:0.65-2.el6 set to be updated ---> Package perl-Net-IP.noarch 0:1.25-13.el6 set to be updated --> Finished Dependency Resolution Dependencies Resolved ================================================================================ 8 Installation Guide GestióIP IPAM v3.0 ============================================================================= Package Arch Version Repository Size ================================================================================ ============================================================================= Installing: perl-GDGraph noarch 1:1.44-7.el6 base 127 k perl-Net-DNS i686 0.65-2.el6 base 232 k perl-Net-IP noarch 1.25-13.el6 base 32 k Transaction Summary ================================================================================ ============================================================================= Install 3 Package(s) Upgrade 0 Package(s) Total download size: 392 k Installed size: 892 k Is this ok [y/N]: y Downloading Packages: (1/3): perl-GDGraph-1.44-7.el6.noarch.rpm | 127 kB 00:00 (2/3): perl-Net-DNS-0.65-2.el6.i686.rpm | 232 kB 00:02 (3/3): perl-Net-IP-1.25-13.el6.noarch.rpm | 32 kB 00:00 -----------------------------------------------------------------------------------------------------------------------------------------------------------Total 113 kB/s | 392 kB 00:03 Running rpm_check_debug Running Transaction Test Transaction Test Succeeded Running Transaction Installing : 1:perl-GDGraph-1.44-7.el6.noarch 1/3 Installing : perl-Net-IP-1.25-13.el6.noarch 2/3 Installing : perl-Net-DNS-0.65-2.el6.i686 3/3 Installed: perl-GDGraph.noarch 1:1.44-7.el6 perl-Net-DNS.i686 0:0.652.el6 perl-Net-IP.noarch 0:1.25-13.el6 Complete! In this example Spreadsheet-ParseExcel and SNMP::Info are missing and not as package available. Setup will download them from CPAN and install them automatically. NOTE: If you forgot to install “make” stop the script with CTRL C now, install “make” and run the script 9 Installation Guide GestióIP IPAM v3.0 again. After the installation, “make” is not longer required by GestióIP and should be uninstalled. Where is MAKE binary [/usr/bin/make]? OK, using MAKE /usr/bin/make ### Installing Spreadsheet-ParseExcel Downloading Spreadsheet-ParseExcel-0.58.tar.gz from CPAN... OK Installation of Spreadsheet-ParseExcel-0.58.tar.gz SUCCESSFUL ### Installing SNMP-Info Downloading SNMP-Info-2.01.tar.gz from CPAN... OK Installation of SNMP-Info-2.01.tar.gz SUCCESSFUL SNMP::Info needs the Netdisco MIBs to be installed Setup can download MIB files (11MB) and install it under /usr/share/gestioip/mibs If Netdisco MIBs are already installed on this server type "no" and specify path to MIBs via frontend Web (manage->GestioIP) after finishing the installation Do you wish that Setup installs required MIBs now [y]/n? Downloading Netdisco MIBs (this may take several minutes)... OK Installation of Netdisco MIBs SUCCESSFUL +----------------------------------------------------------+ | Checking for required Perl Modules... | +----------------------------------------------------------+ Checking for DBI PERL Module... Found that PERL module DBI is available. Checking for DBD-mysql PERL module... Found that PERL module DBD-mysql is available. Checking for Net::IP PERL module... Found that PERL module Net::IP is available. Checking for Net::Ping::External PERL module... Found that PERL module Net::Ping::External is available. Checking for Parallel::ForkManager PERL module... Found that PERL module Parallel::ForkManager is available. Checking for SNMP PERL module... Found that PERL module SNMP is available. Checking for SNMP::Info PERL module... Found that PERL module SNMP::Info is available. Checking for Mail::Mailer PERL module... Found that PERL module Mail::Mailer is available. Checking for Time::HiRes PERL module... 10 Installation Guide GestióIP IPAM v3.0 Found that PERL module Time::HiRes is available. Checking for Date::Calc PERL module... Found that PERL module Date::Calc is available. Checking for Date::Manip PERL module... Found that PERL module Date::Manip is available. Checking for Net::DNS PERL module... Found that PERL module Net::DNS is available. Checking for Spreadsheet::ParseExcel PERL module... Found that PERL module Spreadsheet::ParseExcel is available. Checking for OLE::Storage_Lite PERL module... Found that PERL module OLE::Storage_Lite is available. Checking for GD::Graph::pie PERL module... Found that PERL module GD::Graph::pie is available. Found all required Perl Modules for GestioIP - Good! For the case that the Setup was not able to install all required modules, install the missing modules manually and execute the Setup again. If you think that this is an error of the Setup please report this to contact@gestioip.net. +----------------------------------------------------------+ | Configuration of Apache Web Server... | +----------------------------------------------------------+ Which is the Apache DocumentRoot directory [/var/www/html]? OK, using Apache DocumentRoot /var/www/html Where is htpasswd [/usr/bin/htpasswd]? OK, using htpasswd /usr/bin/htpasswd Setup will ask now for the users which should be created for the HTTP Standard Authentication. You can change the authentication method after finishing the installation by editing GestióIP's Apache configuration file gestioip.conf. Sample configuration files for authentication against a MS AD, LDAP and KERBEROS a available from GestióIP's documentation page http://www.gestioip.net/documentation_gestioip_en.html The ro-user (default: gipoper) has only read access and can not manipulate entries. The rw-user (default: gipadmin) has access to all features of GestióIP. Which should be the read-only (ro) user [gipoper]? 11 Installation Guide GestióIP IPAM v3.0 OK, using ro user gipoper Which should be the read-write (rw) user [gipadmin]? OK, using rw user gipadmin The Setup script does not create the users automatically. You need to open a second shell and create the two users for HTTP Standard Authentication manually by executing the command “htpasswd” (see below). +++++++++++++++++++++++++++++++++++++++++++++++++++ Now open a new shell and execute the following two commands LIKE ROOT to create the GestioIP apache users: +++++++++++++++++++++++++++++++++++++++++++++++++++ sudo /usr/bin/htpasswd -c /etc/httpd/users-gestioip gipoper sudo /usr/bin/htpasswd /etc/httpd/users-gestioip gipadmin After this press ENTER ro user (gipoper) successfully created rw user (gipadmin) successfully created GestióIP comes with a couple of scripts e.g. for the automatic database initialization or the automatic update of networks and hosts. If the directory structure for this scripts should not be installed under the default path /usr/share/gestioip/ you can specify an alternative path in the following step. Under which directory should GestioIP's script files be installed [/usr/share/gestioip]? OK using script base directory /usr/share/gestioip Only for Fedora/Redhat/CentOS: GestióIP require updates in the default SELinux configuration. E.g. SELinux default configuration does not allow that the Apache HTTP server opens connections to a database. This function is required to run GestióIP. If you want to know how the policies exactly will be updated, download and consult the type enforcement file for your distribution: http://www.gestioip.net/docu/README.fedora.redhat.CentOS Note for Fedora/Redhat/CentOS Linux: Some functions of GestioIP require an update of SELinux policy Setup can update SELinux policy automatically Do you wish that Setup updates SELinux policy now [y]/n? Downloading Type Enforcement File from www.gestioip.net...OK Executing "check_module"...OK Executing "semodule_package"...OK 12 Installation Guide GestióIP IPAM v3.0 Executing "semodule"...OK Note: the execution of the command “semodule” takes some time Update of SELinux policy SUCCESSFUL Updating permissions of GestioIP's cgi-dir...SUCCESSFUL +-------------------------------------------------------+ | | | Installation of GestioIP successfully finished! | | | | Please, review /etc/httpd/conf.d/gestioip.conf | to ensure all is good and | | | | RESTART Apache daemon! | | | | Then, point your browser to | | | | http://server/gestioip/install | | | to configure the database server. | | Access with user "gipadmin" and the | the password which you created before | | | +-------------------------------------------------------+ Restart the Apache webserver (e.g. Ubuntu: /etc/init.d/apache restart) and access to the web-based database configuration by pointing your browser to http://server/gestioip/install. 4.2 Web based database configuration Open a browser and access to “http://server/gestioip/install”. Replace “server” with the IP address or the DNS name of the server with the GestióIP installation. Access with the rw-user and the 13 Installation Guide GestióIP IPAM v3.0 password which you created during the setup with the command “htpasswd” (default rw-user: gipadmin): Fig. 1: Accessing to web based database configuration After confirming the credentials by clicking “OK”, GestióIP's installation “Welcome” site will be displayed. Click “next” to proceed with database configuration. Fig. 2: Installation “Welcome” site Introduce the database configuration parameters and click “send”. Note that if you running GestióIP and it's Mysql database on the same host, introduce “127.0.0.1” for both, “Web server address” and “Mysql server address”. 14 Installation Guide GestióIP IPAM v3.0 Fig. 3: Database parameter configuration Next page shows if the database was successfully created. Click “next page” to proceed. Fig. 4: Database creation confirmation screen Configure Sites and Categories. If your IT-Infrastructur is distributed over various locations introduce the locations into the text box “Sites”. This can be e.g. various campuses, data centers or buildings. You need to introduce at least one site. The network categories are thought to classify the networks. GestióIP proposes here some categories like prod for the production environment, pre for pre-production or dev for networks of the development environment. Modify the network categories to adapt them to your requirements. Host category are intended to classify hosts. Add as many additional host categories as you need. Note: You can change all this values later easily via frontend web. 15 Installation Guide GestióIP IPAM v3.0 Fig. 5: Sites, network categories and host categories configuration Next page shows if the sites and categories where successfully created. Click “next page” to proceed. Fig. 6: Site and category confirmation screen The following page informs if the installation has completed successfully. 16 Installation Guide GestióIP IPAM v3.0 Fig. 7: Installation completed screen Delete the directory “install” ([DocumentRoot]/gestioip/install) manually and access to GestióIP by clicking the link http://servername/gestioip. When you access first time to GestióIP, a site will be displayed, with gives some hints how to initialize the database with organizations networks, hosts and VLANs. Fig. 8: Initial view of GestióIP's fronted web 17 Installation Guide GestióIP IPAM v3.0 5 Additional information GestióIP GestióIP consists in Perl CGI scripts, which will be per default installed under Apaches [DocumentRoot]/gestioip as well as some actualization and discovery scripts which will be per default installed under /usr/share/gestioip. Apache web server GestióIP's Apache configuration file (gestioip.conf) will be stored in the Include directory of the Apache Webserver (e.g. Ubuntu: /etc/apache/conf.d). The Apache users file (users-gestioip) will be stored in Apache configuration directory (e.g. Ubuntu: /etc/apache). Setup will only create this two files. It will not touch any other Apache configuration files. Mysql database GestióIP supports local as well as remote Mysql databases. GestióIP Copyright © Marc Uebel 2014 18