CentOS Linux Zabbix

Upgrade from Zabbix 6.0 to 6.2 on CentOS 8

Zabbix is an open source monitoring system that can monitor almost anything. You can learn more about Zabbix here. For the purpose of this article I will using the predeployed Zabbix Appliance from Linode. Linode is a cloud based hosting service that offers really good pricing for Linux based servers. Best of all they have a datacenter that is really close to my house. You can learn more about Linode and their services here. If you are a new sign up they run a deal sometimes to get a free $100 credit which you could use toward running your VM.

Prep work

The first piece of advice that I can give while you are working on the upgrade you should open a second ssh session to your server and run the following command:

 sudo tail -f /var/log/zabbix/zabbix_server.log

This will give you a better view of what is going on with the application once you start the service back up.

The next step is to stop the Zabbix Server Service

systemctl stop zabbix-server

From here Zabbix reommends backing up your configuration files.

This command will create a new backup folder

mkdir /opt/zabbix-backup/

These commands will copy your config files to your backup folder

cp /etc/zabbix/zabbix_server.conf /opt/zabbix-backup/
cp /etc/httpd/conf.d/zabbix.conf /opt/zabbix-backup/

This will copy your .php files to your backup folder

cp -R /usr/share/zabbix/ /opt/zabbix-backup/
cp -R /usr/share/zabbix-* /opt/zabbix-backup/

Starting the update

To proceed with the upgrade your current repository package has to be updated.

rpm -Uvh

Switch the DNF module version for PHP:

dnf module switch-to php:7.4

To upgrade Zabbix components run the following command:

dnf upgrade zabbix-server-mysql zabbix-web-mysql zabbix-agent

Post upgrade work

Once the packages have been updated you will need to open your database. In my case I would type in mysql. Then according to the Zabbix documentation you need to run this command.

SET GLOBAL log_bin_trust_function_creators = 1;

One of the issues that I ran into, and I am not sure if this is just a Linode appliance issue or a CentOS issue but I had to run the following command. If I did not run this command the update would fail at 43% everytime.

grant all privileges on zabbix.* to 'zabbix_srv'@'localhost';

Once that is complete type quit and hen type thhe following command to start the Zabbix service.

systemctl start zabbix-server

Once you press enter the log file that you opened at the begin displaying output and you should see the entire startup processs and then update.

I hope you find this guide helpful and if so please share it with others.

Linux Ubuntu

How to interact as root in Ubuntu

I recently learned that you can interact with the Ubuntu BASH shell as root. In my lab I have been playing with a whole bunch of new applications and servers running on Ubuntu.

I recently was installing a Zabbix Proxy to monitor and I needed to run the installer as root. This was a wierd concept as I thought you were only able to use sudo in front of the command to be able to elevate the permissions. I thought root was out of the question with Ubuntu.

It turns out if you need to work in root you can simply type the following:

“sudo -i”

After typing in your password you will be given a root prompt. This really blew my mind consindering I had been using ubuntu for a while and never knew this was an option.

I hope this helps someone out there as I had no idea that this was even a thing.

Uncategorized Virtualization Vmware

VMware vCenter vVOLs Host Certificate issues

As of late I have been running into a few issues with VMware vSphere and vVOLs. I could go on for hours about my hatred of SSL certificates and how much of a pain that they have been for me in the past. But that is not what you are here for (at least I hope not).

This post is going to be a little bit different from my normal “How To” posts that I normally do. In this article I will focus more on the things that I have learned, and steps that need to be taken when working with VMware’s vSphere and vVOLs.

Here is a little back story on what a vVOL is and how it integrates with vSphere. To be completely honest with you, I am not an expert on the subject by any means. I would say that everything that I learned from this technology is either self taught or from VMware Support. Speaking of VMware Support, on numerous occasions I have been told by their Level 2 and 3 storage engineers that they know very little about how it actually works. This actually makes sense and let me explain.

A vVOL or Virtual Volume is a block of storage that gets presented from the storage provider (SAN usually) and vCenter just connects to it as a subscriber. From there vCenter replicates the connections to the ESXi hosts which these connections are independent of the vCenter connection. All of the actual provisioning and managent is actually done on the storage array. So unlike a VMDK where you have to mount the LUN and then format it. A vVOL gets connected to vCenter by via the VASA Provider screen and create a vVOL in vCenter which then gets “trickled” down to the ESXi hosts that you want to be able to see it.

Now here is where the tricky parts come in. At least in the case of Pure Storage only 1 vCenter may connect to a particular Storage controller at one time unless you are using a CA issued certificate. Which lets face it, half the time IT teams barely use DNS and you expect them to use SSL certs if it is not client facing. The good news is, Pure thought of this and that is why when you connect to the storage controller from vCenter the storage controller will issue a self signed certificate which will be used for the connection. The bad news is, the SSL cert is only good for a year and vCenter starts to alert that the certificate is expiring after 100 days or something like that.

As long as everything is good connectivity wise, renewing the certificate is as easy as logging into vCenter >clicking on the vCenter object > going to configure and clicking on storage providers > finding your Certificate and clicking refresh. From there vCenter sends a request to the storage controller and the storage controller will generate a new certificate and send it to vCenter and that is it.

Well sort of, see if it was that easy, I would not be writing this post. A few months back I had gone through the above process and it worked just fine. All was well for about 2 weeks, and then I started getting alerts (little yellow triangles in the vCenter console) saying that the storage paths to the vVOLs lost their redundancy. I opened a case with VMware support and they looked at it and said it was not a them issue it was an issue with the storage. Now to cut a long support story short, my case ended up getting routed to the VMware certificates team after my hosts started disconnecting from storage and I had to escallate the case to a P1.

The Certificates engineer saw something in the logs saying there was a certificates mismatch and wondered if that could be part of the issue. By that point things had gone too far and the fix was to delete the storage provider and add it back in manually and that brought it back up. However a few months after that on a completly different vCenter I started to see the same thing. I again opened a case and got the same engineer as before. They showed me a little trick which is to right click on the hosts that are connected to the vVOLs, go to Certificates, and click renew certificates and refresh CA certificates and that fixed the issue!!

So here is my understanding of what happened here. Even though I refreshed the vVOL certificate on the vCenter, something happened which did not allow the certifcate to propagate down to all the vCenters which required manual intervention before the ESXi hosts terminated their connections with the vVOLs.

So now going forward my process is to renew the Certificate from the VASA Providers > Refresh the host Certificates > and Renew the CA certificates on the ESXi hosts.

I hope you found this post helpful and I apologize for it being so wordy. Hopefully this will help someone in the future which is the whole purpose of this blog.

Uncategorized Virtualization Vmware

vCenter – Unable to login with WinSCP

Hey all it has certainly been a while since I have posted anything, but I am back now and I have quite a few things in the pipeline including a walk through of my new home lab!! For now lets get down to business with being unable to login with WinSCP.

Today I wanted to cover an issue that has been plaguing me quite a bit the last few months. As I am sure you are all aware, VMware vSphere and ESX 6.7 has been out of support since October 2022. Back in August of 2022, my team members at the company I work for worked dilligently to upgrade all of the vCenters and ESXi hosts in out environment.

If you are not aware, upgrading a VCSA appliance from 6.7 to 7.0 involves deploying a new 7.0 appliance and migrating your settings from one to another. Our Friends at VMware have done an amazing job with building a wizard that does most of the work for you. Perhaps as part of my new lab I will try do a guide on the upgrade process as I am sure there are many companies out there who have yet to do the upgrade. In fact I might even go as far as upgrading to 8.0!! Tune in for more.

Back to the matter at hand, When you deploy a new vCenter one of the issues you may run into is not being able to log in with WinSCP. For those of you that do not know, WinSCP is a free application (donations are accepted and appreacated) that allows you to transfer files using the SCP protocol (among others) on a Windows PC and it gives you a nice graphical user interface. You can download a copy of WinSCP here. You can also download it using Chocolatey if that is your thing.

When you try to connect to vCenter using WinSCP you may get this message:

Host is not communicating for more than 15 seconds. If the problem repeats, try turning off ‘Optimize connection buffer size’.

This can be particularly annoying when you need to add or remove a file from vCenter and because like me you probably don’t add or remove files from vCenter all that often so most times you forget that this could be an issue.

To solve the issue you will need to log into vCenter using SSH as root and run this command:

chsh -s /bin/bash root

and press enter.

Once you have done this you can then retry connecting via WinSCP and the issue should be resolved. If you don’t have the root credentals, please check out this article to find out how you can get around that.

Uncategorized Virtualization Vmware

How to enable BASH shell on vCenter 6.0

According to VMware’s KB articles they claim that this settings change is no longer needed when logging into VCSA Appliances in 6.5 – 7.0. However I am not 100% certain that that is true as, to be honest I always log in as root and have never had to do it. Do have some collegues who claim that they need to do this when they are using their AD Authenticated credentials.

While logged into vCenter as you not root account you will need to type (or copy and paste) this into your SSH session:

shell.set –enable True

In reality, you could also just log into the VAMI and start the BASH service there which I think is what I normally do anyway and thus why I have never had to run this command.


NEW LINUX TOOL!! df vs duf

So recently I switched to using a Linux laptop (which I will talk about at a later date). But while I have been working on trying to acclimate to using Linux, one of the things I have never been able to figure out is how to see how much space I am using.

When you google “how to see used disk space in Linux” you will undoubtedly be sent to a blog post or tech article on how to use the df command. For those of you wondering what that looks like here is what I get on my laptop:

Now I don’t know about you, but I have no idea what I am looking at here. From what I can tell I am using 13% on my / volume.

Enter duf. duf is a linux application that you can download from your favorite linux application repository.

In my case I ran the following command to install it

sudo apt-get install duf

Once you get duf installed you can run the command by just typing duf.

As you can see you can read this so much better than using the simple df command.

I hope you found this post interesting and helpful. Please make sure you share this with your friends. Remember Knowledge is Power!


Duplicati – A free file based backup solution

This is a snapshot of what the Duplicati Dashboard looks like.

Do you have a bunch of Data that is not being protected? Maybe you have hundreds or thousands of family pictures that are just sitting on your PC hard drive just waiting to be lost in your next Hard drive crash? How about your High School or College paper that you have been working on for months, could you afford to have to rewrite it the night before it is due?

Well have I got the answer for you, Duplicati 2.0. Duplicati is a free web based file backup software that works on Windows, Mac, and a few Linux distros. The team behind Duplicati are constantly working on updating it and making improvements.

Duplicati offers many backend (destinations) to backup to including local and cloud based storage and offers 256 bit AES encryption to keep your backups nice an secure. It is Web based (it runs out of your web browser) and is very light weight so it does not take up a lot of resources on your Computer. Most importantly is the price point…. FREE!!!

As touched on earlier, you are able to backup to almost anywhere, like an external HDD or SD (like these ones here you can find on Amazon), a NAS or Network Attached Storage, or cloud based storage like Google Drive, iCloud, Dropbox, AWS S3, Backblaze, or Microsoft Azure cloud Storage.

I have been running Duplicati on all my personal machines for a few months now and I have to admit it works great. The only downside that I have come across so far is the false positive messages that you get. Meaning if you have a file open that is supposed to be backed up, you will get a warning message that the file could not be backed up, but a recent update is supposed to fix a lot of those messages that we have been getting so I look forward to see what happens with that.

If you are interested in learning more about Duplicati, I suggest that you follow the link above. If you would like to setup Duplicati but are not sure where to start feel free to reach out to me via the Contact Us page. I would love to lend you a hand and I can offer a really great rate on a place to store your data.

Remember that the question is not IF your hard drive is going to die, it is a matter of WHEN your hard drive is going to die. It is just a matter of time, and data loss can be right around the corner.

Virtualization Vmware

vCenter 6.5 – Unable to Authenticate

Happy Monday everyone! I hope you all had a great weekend and Holiday. Guess what happened to me this morning? I came into the office (virtually of course) and discovered that our VDI vCenter environment was inaccessible. Now this is an older environment on its way out the door so I am not too concerned with it. However it would make our lives easier to have vCenter working for the decommissioning process.

When I tried to log into this VCSA Server I would receive the following message in a red banner across the top of the screen:

[400] An error occurred while processing the authentication response from the vCenter Single Sign-On server. Details: ‘Trusted root certificates’ value should not be empty.

When I said this environment is old, it was upgraded from 5.5 and is now comprised of a VCSA appliance and an external PSC. Although the database has been migrated to a vPostgress DB instead of the SQL database that is started on, we have still noticed issues as time has gone one.

We tried to log in both with AD credentials and the local administrator user and both failed. Which was very concerning as we did have an issue with a DNS a few months back which knocked out AD authentication and all of our hosts in a different environment. Resolving that issue required a ticket to be opened with VMware.

I logged into the VAMI on both the PSC and the vCenter server (AD Authentication on both) and I did not see any issues there. Everything looked health and good. Since this environment is going away we decided to see if a good old reboot would fix it since we could not remember when the last reboot on this system occurred.

After rebooting the VCSA appliance everything seemed okay. In fact the vCenter console logged me in automatically. We plan to look into this more, however with this environment being decommissioned in the next few days I don’t think we will find anything of value.

If I do find a root cause for this one I will make sure to post a update on this.

Fitness Tracker Product Reviews

Wyze Fitness Tracker

So continuing my search for the perfect fitness tracker for my lifestyle I came across the Wyze Fitness Tracker. I first discovered Wyze while doing research in the Home Automation space as they make low cost Cameras and other devices. I only paid around $30 for the Fitness tracker which I felt was a pretty good deal.

From the moment you get the fitness tracker you will be able to tell that the Wyze device is in a different league. It is very light weight and I often forget I am wearing it and its display is vibrant and from what I can tell it works great. It also has some water resistance as I was able to pull the plug on my bathtub with it on and it kept working.

The Wyze app it something completely different. From the Wyze app you are able to not only control all your smart devices, but you are also able to manage your health information, integrations, and notifications. For integrations, I am able to send information from the Wyze app to Google Fit which is a definite plus for me, as I have been using it for years. You are also able to specify which apps you want to vibrate your Fitness Tracker when you get a notification. This affords me the ability to only allow apps I deem important to notify me such as SMS or Phone apps and not be spammed with Facebook notification.

One final thing that sets the Wyze Fitness tracker apart is that it has beep integrations with Alexa (which I don’t have…. yet). I can’t wait to explore the ability to control my home from my watch!!

As for the downsides for this device, I would have to say the weak point for the Wyze Fitness Tracker is that the battery only holds a charge for about a week. I have been using it for about 6 weeks now and that is really my biggest complaint.

So if you are good with having to charge your Fitness Tracker once a week, then this may be the fitness tracker for you.

I hope you found this post helpful, and if you do, please share it with your friends and families.

Microsoft Tools Uncategorized

Need help resizing your Hard drive?! AOMEI Partition Assistant to the rescue.

I was asked to assist with a SSD replacement for a drive that was starting to degrade. I started off by using CloneZilla to backup the drive but de to the degradation of the 90 GB SSD I was not able to complete the backup to my drive. In order to get around this issue I was able to use the Windows backup utility to create a disk image (which for some reason worked) an then restore the image to a new 1 TB drive.

At that point I thought I was made in the shade. Until I realized that I was not able to expand the C:\ Partition as there was another partition at the end of the disk. Windows Disk Manager would not allow me to move partitions (thanks Microsoft!) so I had to look for a third party solution to help. I came across AOMEI Partition Assistant Standard which said it would do the trick.

For the purpose of this exercise I went with the freeware download as I was only going to need to do this once and the Freeware edition should have been able to do what I needed. Let me tell you, I was not disappointed.

I installed it on the computer and from there I was able to not only move the partition on the disk, but I was able to expand the C:\ from 90 GB to 990 GB all at the same time. After submitting the job, it asks for a reboot which took a while but once the computer came back up it was working great!.

If you are ever in this situation you should totally check these guys out as they are now going to be a staple in my tool kit for the foreseeable future.