terça-feira, 27 de setembro de 2011

GroundWork - Criar gráficos de performance para um AIC

Criar gráficos de performance

Os procedimentos abaixo são destinados a criação de gráficos de performance dos AICs*.

AICs: Atributo de Item de Configuração -> Nada mais é que um serviço do Nagios, exemplo monitoramento do disco C de um host(IC).

ICs: Item de Configuração -> Nada mais é que um host do Nagios, exemplo monitoramento de um servidor.

Onde se aplica?

O GroundWork OpenSource Community Edition(GWOS) não cria por padrão gráficos de performance para os AICs adicionados. Para gerar novos gráficos é necessário um conhecimento básico da solução RRDTool que é utilizada no MTRG.

Explicando um pouco mais, imagine que você adicionou no host(IC) 'TESTE' o serviço(AIC) 'IC-Availability', ao acessar a guia 'Status' do Groundwork e selecionar o AIC alvo mencionado anteriormente, não poderá visualizar um histórico de valores obtidos nas checagens caso este gráfico de performance não esteja configurado corretamente. Dai a importância deste 'how-to', possibilitar isso ao cliente, o acompanhamento dos valores coletados para que com eles o cliente possa basear implementações e adição de recursos.

Requisitos:

O AIC que adicionará o gráfico do RRDTool deve gerar perfdata;
Noções administrativas de Nagios(core do GroundWork);
Ser provido de cérebro;

Verificações:

O AIC que quero criar o gráfico gera perfdata?

Teste executando uma checagem, seja via GroundWork(GWOS), ou através da console mesmo:

GroundWork(GWOS):

Console:

Perfdata: Toda informação que é enviada na execução da checagem após o pipe, logo no exemplo acima o perfdata é:

rta=0.938ms;3000.000;5000.000;0; pl=0%;80;100;;

Onde 'rta' e 'pl' são as duas métricas, sendo 'response time average' e 'packet loss'.

O 'rta' é obtido em milissegundos(ms) e o 'pl' em porcentagem(%).

0.938 é o valor em 'ms' obtido na checagem.

0% é o valor em '%' obtido na checagem.

3000.000 é o threshold(limite) de alerta para que o 'rta' seja considerado como WARNING ao Nagios(GWOS).

5000.000 é o threshold(limite) de alerta para que o 'rta' seja considerado como CRITICAL ao Nagios(GWOS).

0 é o valor mínimo na plotagem do gráfico do RRDTool.

Com as afirmações abaixo consideramos que o perfdata é composto por uma ou mais métricas, as quais possuem a seguinte sintaxe:

[métrica]={valor obtido};{threshold para WARNING};{threshold para CRITICAL};{valor mínimo plotado no gráfico};{valor máximo plotado no gráfico}

E se meu AIC não gera perfdata?

Existe uma função no GroundWork(GWOS) que é capaz de realizar expressão regular(REGEX) no status do AIC, ou seja, tudo que vem antes do pipe, em nosso exemplo seria: OK - 192.168.20.13: rta 0.938ms, lost 0%

Vamos a configuração do Gráfico de Performance, no GroundWork acesse 'Configuration -> Performance' e clique em 'Create New Entry'.

Serão apresentadas as opções para a criação de um novo gráfico, então explicando cada opção:

Graph Label - Título do gráfico, para nosso exemplo 'ICMP Ping Response Time'

Service - Nome do Serviço, para nosso exemplo 'IC-Availability'

Use Service as a Regular Expression - Opção para utilizar o perfdata do AIC

Host - IC aos quais o gráfico se aplicará, para aplicar para todos os ICs que possuam este AIC utilize *

Status Text Parsing Regular Expression - Se utilizado o perfdata para coleta dos dados não preencha este campo, ele se aplica somente se seu AIC não gera perfdata, neste caso coloque sua REGEX ai

Use Status Text Parsing instead of Performance Data - Marque essa opção para AICs sem perfdata

RRD Name - O arquivo que será gravado no disco do Groundwork(GWOS), utilize '/usr/local/groundwork/rrd/$HOST$_$SERVICE$.rrd'

RRD Create Command - Este campo é para a criação do gráfico, caso não entenda as informações que serão inseridas neste campo procure conhecer um pouco mais de RRDTool, para nosso exemplo utilizaremos o seguinte:

$RRDTOOL$ create $RRDNAME$ --step 300 --start n-1yr DS:rta:GAUGE:1800:U:U DS:pl:GAUGE:1800:U:U RRA:AVERAGE:0.5:1:8640 RRA:AVERAGE:0.5:12:9480

RRD Update Command - Este campo é para o comando que o RRDTool utilizará para atualizar o gráfico, para nosso exemplo utilizaremos:

$RRDTOOL$ update $RRDNAME$ $LASTCHECK$:$VALUE1$:$VALUE2$ 2>&1

Custom RRDtool Graph Command - Este campo é para customização de cores e saídas do gráfico caso o perfdata não seja exatamente o que você quer mostrar, utilizaremos para nosso exemplo o seguinte:

'rrdtool graph - --imgformat=PNG --title="ICMP Performance" --rigid --base=1000 --height=120 --width=700 --alt-autoscale-max --lower-limit=0 --vertical-label="Time and Percent" --slope-mode DEF:a="rrd_source":ds_source_1:AVERAGE DEF:b="rrd_source":ds_source_0:AVERAGE CDEF:cdefa=b CDEF:cdefb=a,100,/ AREA:cdefa#43C6DB:"Response Time (ms) " GPRINT:cdefa:LAST:"Current\:%8.2lf %s" GPRINT:cdefa:AVERAGE:"Average\:%8.2lf %s" GPRINT:cdefa:MAX:"Maximum\:%8.2lf %s\n" LINE1:cdefb#307D7E:"Percent Loss " GPRINT:cdefb:LAST:"Current\:%8.2lf %s" GPRINT:cdefb:AVERAGE:"Average\:%8.2lf %s" GPRINT:cdefb:MAX:"Maximum\:%8.2lf %s"'

Enable - Para habilitar o gráfico deixe o checkbox marcado

Após salve o gráfico e realize um 'Commit' na guia 'Control' do GroundWork(GWOS). Pronto, seu gráfico se estiver correto dentro de 4 checagens do seu AIC será criado e já poderá visualizá-lo.

segunda-feira, 26 de setembro de 2011

JBoss - Usando o JConsole e JVisualM no JBoss

Este post será útil para os que querem monitorar e invocar métodos através do JConsole ou JVisualM remotamente.

Importante:

- Utilizada instância 'all';
- IP de bind do JBoss 192.168.56.101;

Configurações necessárias no 'run.conf' da instância do JBoss:

1 - Adicione a linha abaixo:

JAVA_OPTS="$JAVA_OPTS -Djava.rmi.server.hostname=$IP_DO_JBOSS -Dcom.sun.management.config.file=/opt/jboss-epp-5.1/jboss-as/server/all/conf/management/management.properties -Dcom.sun.management.jmxremote -Djboss.platform.mbeanserver -Djavax.management.builder.initial=org.jboss.system.server.jmx.MBeanServerBuilderImpl"

2 - Substitua o IP_DO_JBOSS pelo IP que o JBoss realiza o bind, e também path do arquivo de configuração do JMX.

Ficaria assim um arquivo de configuração:

---

if [ "x$JAVA_OPTS" = "x" ]; then

JAVA_OPTS="-Xms512m -Xmx512m -XX:MaxPermSize=256m -Dorg.jboss.resolver.warning=true -Dsun.rmi.dgc.client.gcInterval=3600000 -Dsun.rmi.dgc.server.gcInterval=3600000 -Dsun.lang.ClassLoader.allowArraySyntax=true"

# Gerenciamento JConsole
JAVA_OPTS="$JAVA_OPTS -Djava.rmi.server.hostname=192.168.56.101 -Dcom.sun.management.config.file=/opt/jboss-epp-5.1/jboss-as/server/all/conf/management/management.properties -Dcom.sun.management.jmxremote -Djboss.platform.mbeanserver -Djavax.management.builder.initial=org.jboss.system.server.jmx.MBeanServerBuilderImpl"

fi

---

3 - Agora copie o conteúdo da pasta 'management' do seu JDK para o JBoss:

$ mkdir /opt/jboss-epp-5.1/jboss-as/server/all/conf/management/

$ cp /opt/jdk1.6.0_23/jre/lib/management/* /opt/jboss-epp-5.1/jboss-as/server/all/conf/management/

4 - Edite o arquivo '/opt/jboss-epp-5.1/jboss-as/server/all/conf/management/jmxremote.access' deixando da seguinte forma:

######################################################################

# Default Access Control File for Remote JMX(TM) Monitoring

######################################################################

# Access control file for Remote JMX API access to monitoring.

# This file defines the allowed access for different roles. The

# password file (jmxremote.password by default) defines the roles and their

# passwords. To be functional, a role must have an entry in

# both the password and the access files.

# The default location of this file is $JRE/lib/management/jmxremote.access

# You can specify an alternate location by specifying a property in

# the management config file $JRE/lib/management/management.properties

# (See that file for details)

# The file format for password and access files is syntactically the same

# as the Properties file format. The syntax is described in the Javadoc

# for java.util.Properties.load.

# A typical access file has multiple lines, where each line is blank,

# a comment (like this one), or an access control entry.

# An access control entry consists of a role name, and an

# associated access level. The role name is any string that does not

# itself contain spaces or tabs. It corresponds to an entry in the

# password file (jmxremote.password). The access level is one of the

# following:

# "readonly" grants access to read attributes of MBeans.

# For monitoring, this means that a remote client in this

# role can read measurements but cannot perform any action

# that changes the environment of the running program.

# "readwrite" grants access to read and write attributes of MBeans,

# to invoke operations on them, and optionally

# to create or remove them. This access should be granted

# only to trusted clients, since they can potentially

# interfere with the smooth operation of a running program.

# The "readwrite" access level can optionally be followed by the "create" and/or

# "unregister" keywords. The "unregister" keyword grants access to unregister

# (delete) MBeans. The "create" keyword grants access to create MBeans of a

# particular class or of any class matching a particular pattern. Access

# should only be granted to create MBeans of known and trusted classes.

# For example, the following entry would grant readwrite access

# to "controlRole", as well as access to create MBeans of the class

# javax.management.monitor.CounterMonitor and to unregister any MBean:

# controlRole readwrite \

# create javax.management.monitor.CounterMonitorMBean \

# unregister

# or equivalently:

# controlRole readwrite unregister create javax.management.monitor.CounterMBean

# The following entry would grant readwrite access as well as access to create

# MBeans of any class in the packages javax.management.monitor and

# javax.management.timer:

# controlRole readwrite \

# create javax.management.monitor.*,javax.management.timer.* \

# unregister

# The \ character is defined in the Properties file syntax to allow continuation

# lines as shown here. A * in a class pattern matches a sequence of characters

# other than dot (.), so javax.management.monitor.* matches

# javax.management.monitor.CounterMonitor but not

# javax.management.monitor.foo.Bar.

# A given role should have at most one entry in this file. If a role

# has no entry, it has no access.

# If multiple entries are found for the same role name, then the last

# access entry is used.

# Default access control entries:

# o The "monitorRole" role has readonly access.

# o The "controlRole" role has readwrite access and can create the standard

# Timer and Monitor MBeans defined by the JMX API.

#monitorRole readonly

#controlRole readwrite \

# create javax.management.monitor.*,javax.management.timer.* \

# unregister

admin readwrite

5 - Altere o arquivo '/opt/jboss-epp-5.1/jboss-as/server/all/conf/management/jmxremote.password.template' para '/opt/jboss-epp-5.1/jboss-as/server/all/conf/management/jmxremote.password' e edite o arquivo deixando-o da seguinte forma:

# ----------------------------------------------------------------------

# Template for jmxremote.password

# o Copy this template to jmxremote.password

# o Set the user/password entries in jmxremote.password

# o Change the permission of jmxremote.password to read-only

# by the owner.

# See below for the location of jmxremote.password file.

# ----------------------------------------------------------------------

##############################################################

# Password File for Remote JMX Monitoring

##############################################################

# Password file for Remote JMX API access to monitoring. This

# file defines the different roles and their passwords. The access

# control file (jmxremote.access by default) defines the allowed

# access for each role. To be functional, a role must have an entry

# in both the password and the access files.

# Default location of this file is $JRE/lib/management/jmxremote.password

# You can specify an alternate location by specifying a property in

# the management config file $JRE/lib/management/management.properties

# or by specifying a system property (See that file for details).

##############################################################

# File permissions of the jmxremote.password file

##############################################################

# Since there are cleartext passwords stored in this file,

# this file must be readable by ONLY the owner,

# otherwise the program will exit with an error.

# The file format for password and access files is syntactically the same

# as the Properties file format. The syntax is described in the Javadoc

# for java.util.Properties.load.

# Typical password file has multiple lines, where each line is blank,

# a comment (like this one), or a password entry.

# A password entry consists of a role name and an associated

# password. The role name is any string that does not itself contain

# spaces or tabs. The password is again any string that does not

# contain spaces or tabs. Note that passwords appear in the clear in

# this file, so it is a good idea not to use valuable passwords.

# A given role should have at most one entry in this file. If a role

# has no entry, it has no access.

# If multiple entries are found for the same role name, then the last one

# is used.

# In a typical installation, this file can be read by anybody on the

# local machine, and possibly by people on other machines.

# For # security, you should either restrict the access to this file,

# or specify another, less accessible file in the management config file

# as described above.

# Following are two commented-out entries. The "measureRole" role has

# password "QED". The "controlRole" role has password "R&D".

# monitorRole QED

# controlRole R&D

admin teste123

Onde "admin" é o usuário do access e "teste123" será a senha de acesso deste usuário.

6 - Edite o arquivo '/opt/jboss-epp-5.1/jboss-as/server/all/conf/management/management.properties' e deixe-o da seguinte forma:

#####################################################################

# Default Configuration File for Java Platform Management

#####################################################################

# The Management Configuration file (in java.util.Properties format)

# will be read if one of the following system properties is set:

# -Dcom.sun.management.jmxremote.port=<port-number>

# or -Dcom.sun.management.snmp.port=<port-number>

# or -Dcom.sun.management.config.file=<this-file>

# The default Management Configuration file is:

# $JRE/lib/management/management.properties

# Another location for the Management Configuration File can be specified

# by the following property on the Java command line:

# -Dcom.sun.management.config.file=<this-file>

# If -Dcom.sun.management.config.file=<this-file> is set, the port

# number for the management agent can be specified in the config file

# using the following lines:

# ################ Management Agent Port #########################

# For setting the JMX RMI agent port use the following line

com.sun.management.jmxremote.port=21123

# For setting the SNMP agent port use the following line

# com.sun.management.snmp.port=<port-number>

#####################################################################

# Optional Instrumentation

#####################################################################

# By default only the basic instrumentation with low overhead is on.

# The following properties allow to selectively turn on optional

# instrumentation which are off by default and may have some

# additional overhead.

# com.sun.management.enableThreadContentionMonitoring

# This option enables thread contention monitoring if the

# Java virtual machine supports such instrumentation.

# Refer to the specification for the java.lang.management.ThreadMBean

# interface - see isThreadContentionMonitoringSupported() method.

# To enable thread contention monitoring, uncomment the following line

# com.sun.management.enableThreadContentionMonitoring

#####################################################################

# SNMP Management Properties

#####################################################################

# If the system property -Dcom.sun.management.snmp.port=<port-number>

# is set then

# - The SNMP agent (with the Java virtual machine MIB) is started

# that listens on the specified port for incoming SNMP requests.

# - the following properties for read for SNMP management.

# The configuration can be specified only at startup time.

# Later changes to the above system property (e.g. via setProperty method), this

# config file, or the ACL file has no effect to the running SNMP agent.

# ##################### SNMP Trap Port #########################

# com.sun.management.snmp.trap=<trap-destination-port-number>

# Specifies the remote port number at which managers are expected

# to listen for trap. For each host defined in the ACL file,

# the SNMP agent will send traps at <host>:<trap-destination-port-number>

# Default for this property is 162.

# To set port for sending traps to a different port use the following line

# com.sun.management.snmp.trap=<trap-destination-port-number>

# ################ SNMP listen interface #########################

# com.sun.management.snmp.interface=<InetAddress>

# Specifies the local interface on which the SNMP agent will bind.

# This is useful when running on machines which have several

# interfaces defined. It makes it possible to listen to a specific

# subnet accessible through that interface.

# Default for this property is "localhost".

# The format of the value for that property is any string accepted

# by java.net.InetAddress.getByName(String).

# For restricting the port on which SNMP agent listens use the following line

# com.sun.management.snmp.interface=<InetAddress>

# #################### SNMP ACL file #########################

# com.sun.management.snmp.acl=true|false

# Default for this property is true. (Case for true/false ignored)

# If this property is specified as false then the ACL file

# is not checked: all manager hosts are allowed all access.

# For SNMP without checking ACL file uncomment the following line

# com.sun.management.snmp.acl=false

# com.sun.management.snmp.acl.file=filepath

# Specifies location for ACL file

# This is optional - default location is

# $JRE/lib/management/snmp.acl

# If the property "com.sun.management.snmp.acl" is set to false,

# then this property and the ACL file are ignored.

# Otherwise the ACL file must exist and be in the valid format.

# If the ACL file is empty or non existent then no access is allowed.

# The SNMP agent will read the ACL file at startup time.

# Modification to the ACL file has no effect to any running SNMP

# agents which read that ACL file at startup.

# For a non-default acl file location use the following line

# com.sun.management.snmp.acl.file=filepath

#####################################################################

# RMI Management Properties

#####################################################################

# If system property -Dcom.sun.management.jmxremote.port=<port-number>

# is set then

# - A MBean server is started

# - JRE Platform MBeans are registered in the MBean server

# - RMI connector is published in a private readonly registry at

# specified port using a well known name, "jmxrmi"

# - the following properties are read for JMX remote management.

# The configuration can be specified only at startup time.

# Later changes to above system property (e.g. via setProperty method),

# this config file, the password file, or the access file have no effect to the

# running MBean server, the connector, or the registry.

# ########## RMI connector settings for local management ##########

# com.sun.management.jmxremote.local.only=true|false

# Default for this property is true. (Case for true/false ignored)

# If this property is specified as true then the local JMX RMI connector

# server will only accept connection requests from clients running on

# the host where the out-of-the-box JMX management agent is running.

# In order to ensure backwards compatibility this property could be

# set to false. However, deploying the local management agent in this

# way is discouraged because the local JMX RMI connector server will

# accept connection requests from any client either local or remote.

# For remote management the remote JMX RMI connector server should

# be used instead with authentication and SSL/TLS encryption enabled.

# For allowing the local management agent accept local

# and remote connection requests use the following line

com.sun.management.jmxremote.local.only=false

# ###################### RMI SSL #############################

# com.sun.management.jmxremote.ssl=true|false

# Default for this property is true. (Case for true/false ignored)

# If this property is specified as false then SSL is not used.

# For RMI monitoring without SSL use the following line

com.sun.management.jmxremote.ssl=false

# com.sun.management.jmxremote.ssl.config.file=filepath

# Specifies the location of the SSL configuration file. A properties

# file can be used to supply the keystore and truststore location and

# password settings thus avoiding to pass them as cleartext in the

# command-line.

# The current implementation of the out-of-the-box management agent will

# look up and use the properties specified below to configure the SSL

# keystore and truststore, if present:

# javax.net.ssl.keyStore=<keystore-location>

# javax.net.ssl.keyStorePassword=<keystore-password>

# javax.net.ssl.trustStore=<truststore-location>

# javax.net.ssl.trustStorePassword=<truststore-password>

# Any other properties in the file will be ignored. This will allow us

# to extend the property set in the future if required by the default

# SSL implementation.

# If the property "com.sun.management.jmxremote.ssl" is set to false,

# then this property is ignored.

# For supplying the keystore settings in a file use the following line

# com.sun.management.jmxremote.ssl.config.file=filepath

# com.sun.management.jmxremote.ssl.enabled.cipher.suites=<cipher-suites>

# The value of this property is a string that is a comma-separated list

# of SSL/TLS cipher suites to enable. This property can be specified in

# conjunction with the previous property "com.sun.management.jmxremote.ssl"

# in order to control which particular SSL/TLS cipher suites are enabled

# for use by accepted connections. If this property is not specified then

# the SSL/TLS RMI Server Socket Factory uses the SSL/TLS cipher suites that

# are enabled by default.

# com.sun.management.jmxremote.ssl.enabled.protocols=<protocol-versions>

# The value of this property is a string that is a comma-separated list

# of SSL/TLS protocol versions to enable. This property can be specified in

# conjunction with the previous property "com.sun.management.jmxremote.ssl"

# in order to control which particular SSL/TLS protocol versions are

# enabled for use by accepted connections. If this property is not

# specified then the SSL/TLS RMI Server Socket Factory uses the SSL/TLS

# protocol versions that are enabled by default.

# com.sun.management.jmxremote.ssl.need.client.auth=true|false

# Default for this property is false. (Case for true/false ignored)

# If this property is specified as true in conjunction with the previous

# property "com.sun.management.jmxremote.ssl" then the SSL/TLS RMI Server

# Socket Factory will require client authentication.

# For RMI monitoring with SSL client authentication use the following line

com.sun.management.jmxremote.ssl.need.client.auth=false

# com.sun.management.jmxremote.registry.ssl=true|false

# Default for this property is false. (Case for true/false ignored)

# If this property is specified as true then the RMI registry used

# to bind the RMIServer remote object is protected with SSL/TLS

# RMI Socket Factories that can be configured with the properties:

# com.sun.management.jmxremote.ssl.config.file

# com.sun.management.jmxremote.ssl.enabled.cipher.suites

# com.sun.management.jmxremote.ssl.enabled.protocols

# com.sun.management.jmxremote.ssl.need.client.auth

# If the two properties below are true at the same time, i.e.

# com.sun.management.jmxremote.ssl=true

# com.sun.management.jmxremote.registry.ssl=true

# then the RMIServer remote object and the RMI registry are

# both exported with the same SSL/TLS RMI Socket Factories.

# For using an SSL/TLS protected RMI registry use the following line

com.sun.management.jmxremote.registry.ssl=false

# ################ RMI User authentication ################

# com.sun.management.jmxremote.authenticate=true|false

# Default for this property is true. (Case for true/false ignored)

# If this property is specified as false then no authentication is

# performed and all users are allowed all access.

# For RMI monitoring without any checking use the following line

com.sun.management.jmxremote.authenticate=true

# ################ RMI Login configuration ###################

# com.sun.management.jmxremote.login.config=<config-name>

# Specifies the name of a JAAS login configuration entry to use when

# authenticating users of RMI monitoring.

# Setting this property is optional - the default login configuration

# specifies a file-based authentication that uses the password file.

# When using this property to override the default login configuration

# then the named configuration entry must be in a file that gets loaded

# by JAAS. In addition, the login module(s) specified in the configuration

# should use the name and/or password callbacks to acquire the user's

# credentials. See the NameCallback and PasswordCallback classes in the

# javax.security.auth.callback package for more details.

# If the property "com.sun.management.jmxremote.authenticate" is set to

# false, then this property and the password & access files are ignored.

# For a non-default login configuration use the following line

# com.sun.management.jmxremote.login.config=<config-name>

# ################ RMI Password file location ##################

# com.sun.management.jmxremote.password.file=filepath

# Specifies location for password file

# This is optional - default location is

# $JRE/lib/management/jmxremote.password

# If the property "com.sun.management.jmxremote.authenticate" is set to

# false, then this property and the password & access files are ignored.

# Otherwise the password file must exist and be in the valid format.

# If the password file is empty or non-existent then no access is allowed.

# For a non-default password file location use the following line

com.sun.management.jmxremote.password.file=/opt/jboss-epp-5.1/jboss-as/server/all/conf/management/jmxremote.password

# ################ RMI Access file location #####################

# com.sun.management.jmxremote.access.file=filepath

# Specifies location for access file

# This is optional - default location is

# $JRE/lib/management/jmxremote.access

# If the property "com.sun.management.jmxremote.authenticate" is set to

# false, then this property and the password & access files are ignored.

# Otherwise, the access file must exist and be in the valid format.

# If the access file is empty or non-existent then no access is allowed.

# For a non-default password file location use the following line

com.sun.management.jmxremote.access.file=/opt/jboss-epp-5.1/jboss-as/server/all/conf/management/jmxremote.access

Parâmetros importantes:

com.sun.management.jmxremote.port=21123 - Porta do JMX

com.sun.management.jmxremote.local.only=false - Se responderá só locamente

com.sun.management.jmxremote.ssl=false - Se utilizará SSL(é indicado utilizar)

com.sun.management.jmxremote.authenticate=true - Se o JMX utilizará autenticação

com.sun.management.jmxremote.password.file=/opt/jboss-epp-5.1/jboss-as/server/all/conf/management/jmxremote.password - Arquivo de senhas

com.sun.management.jmxremote.access.file=/opt/jboss-epp-5.1/jboss-as/server/all/conf/management/jmxremote.access - Arquivo de usuários

7 - Crie o arquivo dentro de seu JDK para o Jstat '/opt/jdk1.6.0_23/jre/lib/security/tools.policy' e deixe-o da seguinte forma:

grant {

permission java.security.AllPermission;

};

8 - Execute o seguinte comando:

$ /opt/jdk1.6.0_23/bin/jstatd -p 1099 -J-Djava.security.policy=tools.policy &

9 - Agora poderá utilizando o JConsole ou JVisualM adicionar seu JBoss para monitoramento remoto:

JConsole - hostname - No meu caso 192.168.56.101

- porta 21123

JVisualM

JMX - hostname 192.168.56.101 - porta 21123

Jstat - hostname 192.168.56.101 - porta 1099

Em produção - Utilize no JMX SSL e no Jstat utilize grants mais restritivas, também pode limitar o acesso por IPTables.

sexta-feira, 23 de setembro de 2011

Zimbra - Backup Online do ZCSOS

O Zimbra OpenSource Edition não possui uma ferramenta de backup online, como na versão Enterprise, então para realizar um backup muitos param o servidor(zmcontrol stop) e utilizam o rsync para este passo.

Nunca gostei disso então resolvi fazer o meu próprio backup e com o Zimbra online, ou seja, sem ter que parar o servidor.

Importante:

- Não serve para realizar o backup das configurações do domínio, ou seja, não é para disaster recovery.

Ai vai o código fonte do cara e após explico seu funcionamento:

1 - Crie o arquivo '/opt/zimbra/bin/zcsos-hotbackup.pl' e insira o seguinte conteúdo:

#!/usr/bin/perl
#
# Description: Generate a ZCSOS online backup
#
#
#Author:
# Gabriel Prestes (helkmut@gmail.com)
#
#07-16-2010 : Created
#02-18-2011 : Modify
#02-28-2011 : Modify
#03-01-2011 : Modify
#03-02-2011 : Final version 0.2
#04-15-2011 : Bug fix
#08-26-2011 : Final version 1.0
#09-01-2011 : Final version 1.1

# --- New Features --- #
# * Agent renamed to ZCSOS-Hotbackup
# * Agent use Zimbra Admin account to send mail status job
# * Now you can restore an account using destination prefix to avoid overwriting the original account
# * Automatically creates accounts in Zimbra's backup if full restoration
# * File configuration parameters
# * Backup rotate control

# --- Bugs fixed --- #

# - v0.2 -
# * Log to console
# * First run does not tell that the folder '/opt/backup/zimbra' does not exist

# --- Wishlist --- #
# * Binary version
# * Validation of the server name and license generated
# * GUI for administration of backups and restores

# Modules
use strict;
use POSIX;
use Getopt::Long;
use File::Basename;
use Switch;
use Net::SMTP;

# ENVs
$ENV{"USER"}="zimbra";
$ENV{"HOME"}="/opt/zimbra";
$ENV{'PATH'} = '/opt/zimbra/bin:/opt/zimbra/postfix/sbin:/opt/zimbra/openldap/bin:/opt/zimbra/snmp/bin:/opt/zimbra/bdb/bin:/opt/zimbra/openssl/bin:/opt/zimbra/java/bin:/usr/sbin:/usr/kerberos/bin:/usr/local/bin:/bin:/usr/bin';

# Global variables
our $name = basename($0, ".pl");
our $version="1.1";
our $log= "/opt/zimbra/log/zcsos-hotbackup.log";
our $props = "/opt/zimbra/conf/zcsos-hotbackup.props";
our ($opt_help, $opt_verbose, $opt_version, $opt_type, $opt_account, $opt_prefix, $opt_mailto);

# Props defs
our $adminuser;
our $adminpass;
our $domain;
our $passworday;
our $path;
our $bkpper;

sub main {

# --- Get Options --- #
getoption();

# --- Get props program --- #
my $counter = 0;
my @prop_split = ();
open (PROPS, "$props") or error();
my @props_array = <PROPS>;
close(PROPS);

foreach(@props_array){

chomp($_);
@prop_split = split(/=/,$_);
if($counter == 0){$adminuser = $prop_split[1];}
if($counter == 1){$adminpass = $prop_split[1];}
if($counter == 2){$domain = $prop_split[1];}
if($counter == 3){$passworday = $prop_split[1];}
if($counter == 4 and !$opt_mailto){$opt_mailto = $prop_split[1];}
if($counter == 5){$path = $prop_split[1];}
if($counter == 6){$bkpper = $prop_split[1];}
$counter++;

}

$counter=0;

# --- My local vars --- #
my $dflog;
my @countlog=();
my $maillog;

# --- Log permission verify --- #
$maillog=`\$$which touch$ $log 2> /dev/null` if(not -e $log);
if((not -w $log) and ($opt_verbose==1)){

$opt_verbose=0;
logger("ERROR - Missing permissions to write to log file ZCSOS-Hotbackup");
mail("ERROR - Missing permissions to write to log file ZCSOS-Hotbackup") if($opt_mailto);
exit;

}

# --- Log control --- #
$dflog=`\$$which du$ $log 2> /dev/null`;
@countlog=split(/ /,$dflog);
if($countlog[0]>10240){logger("WARNING - Log more than 10Mb");}

# --- Init agent --- #
logger("INIT Agent");

# --- Verify path --- #
if(not -w $path){

logger("ERROR - Please create $path");
mail("ERROR - Please create $path") if($opt_mailto);
exit;

}

# --- Get accounts and backup or restore --- #
switch ($opt_type) {

case "B" { bkpa(); }
case "R" { resa(); }
else { logger("ERROR : Can't call function"); mail("ERROR - Wrong option type") if($opt_mailto); exit(1); }

}

# --- Send mail status job and exit --- #
$maillog=`\$$which tail$ -1 $log 2> /dev/null`;
mail("$maillog") if ($opt_mailto);
exit;

}

sub bkpa {

# --- My vars --- #
my @accounts=`\$$which zmprov$ -l gaa 2> /dev/null`;
my $accounts_ret=$?;
my $counter=0;
my $flag=0;
my $maillog;
my $date=strftime("%m-%d-%Y",localtime);
my $bkpdestaccount="$path/ACCOUNT-$date";
my $bkpdestfull="$path/FULL-$date";
my $cmd;
my $ducmd;
my @countdu=();
my @bkpsmain=();
my $checkbkp;

# --- Accounts problem --- #
if($accounts_ret!=0){

logger("ERROR - Cannot get ZCSOS accounts");
return;

}

# --- To backup one account --- #
if($opt_account){

# --- Search account --- #
foreach(@accounts){

chomp($_);
if($_ =~ $opt_account){

$flag++;
if($opt_verbose==1){logger("OK - Account $opt_account exist");}
last;

}

}

# --- Check if account exist --- #
if($flag==0){

logger("ERROR - Account $opt_account not exist in ZCS");
return;

}

# --- Validate destiny --- #
$bkpdestaccount="$path/ACCOUNT-$date";
$cmd;

if(not -e $bkpdestaccount){

$cmd=`\$$which mkdir$ -p $bkpdestaccount`;
logger("Create backup folder $bkpdestaccount");

}

$flag=0;

# --- Run backup --- #
logger("Init backup $opt_account");

if($opt_verbose==1){

$cmd=`\$$which curl$ -S -v -k -u $adminuser:$adminpass https://127.0.0.1:7071/home/$opt_account/?fmt=tgz > $bkpdestaccount/$opt_account.tgz 2>> $log`;
$cmd=`\$$which head$ -n20 $bkpdestaccount/$opt_account.tgz`;
if(($cmd =~ "HTTP ERROR") or ($cmd =~ "Authentication problem")){$flag++;}

$cmd=`\$$which curl$ -S -v -k -u $adminuser:$adminpass https://127.0.0.1:7071/home/$opt_account/calendar?fmt=ics > $bkpdestaccount/$opt_account.ics 2>> $log`;
$cmd=`\$$which head$ -n20 $bkpdestaccount/$opt_account.ics`;
if(($cmd =~ "HTTP ERROR") or ($cmd =~ "Authentication problem")){$flag++;}

}

else{

$cmd=`\$$which curl$ -S -v -k -u $adminuser:$adminpass https://127.0.0.1:7071/home/$opt_account/?fmt=tgz > $bkpdestaccount/$opt_account.tgz`;
$cmd=`\$$which head$ -n20 $bkpdestaccount/$opt_account.tgz`;
if(($cmd =~ "HTTP ERROR") or ($cmd =~ "Authentication problem")){$flag++;}

$cmd=`\$$which curl$ -S -v -k -u $adminuser:$adminpass https://127.0.0.1:7071/home/$opt_account/calendar?fmt=ics > $bkpdestaccount/$opt_account.ics`;
$cmd=`\$$which head$ -n20 $bkpdestaccount/$opt_account.ics`;
if(($cmd =~ "HTTP ERROR") or ($cmd =~ "Authentication problem")){$flag++;}

}

# --- Thresholds --- #
if($flag>0){

logger("ERROR: Backup account $opt_account fail");
return;

}

else {

logger("SUCCESS: Backup account $opt_account finished");
return;

}

}

# --- Full backup --- #
else{

# --- Verify if exist a old backup --- #
if(!$bkpper){$bkpper=0;}

$counter=0;

@bkpsmain=`\$$which ls$ -tr $path`;

foreach(@bkpsmain){

chomp($_);
if ($_ =~ "FULL"){
if($counter>=$bkpper){

$checkbkp=`\$$which rm$ -rf $path/$_`;
logger("BACKUP $_ removed");

}

$counter++;

}

}

$counter=0;

# --- Validate destiny --- #
if(not -e $bkpdestfull){

$cmd=`\$$which mkdir$ -p $bkpdestfull`;
logger("Create backup folder $bkpdestfull");

}

# --- Init backup --- #
logger("Init backup all accounts");

foreach(@accounts){

chomp($_);

if($opt_verbose==1){

logger("$counter ACCOUNT: $_");

$cmd=`\$$which curl$ -v -k -u $adminuser:$adminpass https://127.0.0.1:7071/home/$_/?fmt=tgz > $bkpdestfull/$_.tgz 2>> $log`;
$cmd=`\$$which head$ -n20 $bkpdestfull/$_.tgz`;
if(($cmd =~ "HTTP ERROR") or ($cmd =~ "Authentication problem")){$flag++;}

$cmd=`\$$which curl$ -v -k -u $adminuser:$adminpass https://127.0.0.1:7071/home/$_/calendar?fmt=ics > $bkpdestfull/$_.ics 2>> $log`;
$cmd=`\$$which head$ -n20 $bkpdestfull/$_.ics`;
if(($cmd =~ "HTTP ERROR") or ($cmd =~ "Authentication problem")){$flag++;}

}

else{

$cmd=`\$$which curl$ -v -k -u $adminuser:$adminpass https://127.0.0.1:7071/home/$_/?fmt=tgz > $bkpdestfull/$_.tgz`;
$cmd=`\$$which head$ -n20 $bkpdestfull/$_.tgz`;
if(($cmd =~ "HTTP ERROR") or ($cmd =~ "Authentication problem")){$flag++;}
$cmd=`\$$which curl$ -v -k -u $adminuser:$adminpass https://127.0.0.1:7071/home/$_/calendar?fmt=ics > $bkpdestfull/$_.ics`;
$cmd=`\$$which head$ -n20 $bkpdestfull/$_.ics`;
if(($cmd =~ "HTTP ERROR") or ($cmd =~ "Authentication problem")){$flag++;}

}

$counter++;

}

# --- Thresholds --- #
if($flag>=$counter){

logger("ERROR: Backup full fail");
return;

}

if($flag>1){

logger("WARNING: Backup full finished with warnings");
return;

}

if($flag==0){

logger("SUCCESS: Backup full finished successfully");
return;

}

}

}

sub resa {

# --- Get accounts --- #
my @accounts=`\$$which zmprov$ -l gaa`;
my $accounts_ret=$?;
my $counter=0;
my $flag=0;
my $flag_prefix=0;
my @tgzbkp=();
my @icsbkp=();
my @abkp=();
my $cmd;
my $last;
my $tempa;
my $tempb;

# --- Accounts problem --- #
if($accounts_ret!=0){

logger("ERROR - Cannot get ZCSOS accounts");
return;

}

# --- To restore one account --- #
if($opt_account){

# --- Check if account exist in backup --- #
@tgzbkp=`\$$which find$ $path -name "$opt_account*tgz" | \$$which sort$ -r`;
@icsbkp=`\$$which find$ $path -name "$opt_account*ics" | \$$which sort$ -r`;

if(!$tgzbkp[0] or !$icsbkp[0]){

logger("ERROR - You dont have backup to account: $opt_account");
return;

}

logger("OK - Backup exist in $tgzbkp[0] and $icsbkp[0]");

# --- Search account --- #
foreach(@accounts){

chomp($_);
if($_ =~ $opt_account){

$flag++;
if($opt_verbose==1){logger("OK - Account $opt_account exist");}

}

if($_ =~ "$opt_prefix.$opt_account"){

$flag_prefix++;
if($opt_verbose==1){logger("WARNING - Account prefix $opt_prefix.$opt_account exist");}

}

}

# --- Exit if account not exit in Zimbra --- #
if($flag==0){

logger("ERROR - Account $opt_account not exist in ZCS");
return;

}

$flag=0;

if(!$opt_prefix){

# --- Run restore --- #
logger("Init restore $opt_account");
chomp($tgzbkp[0]);
chomp($icsbkp[0]);

if($opt_verbose==1){

$cmd=`\$$which curl$ -v -k --data-binary \@$tgzbkp[0] -u $adminuser:$adminpass https://127.0.0.1:7071/home/$opt_account/?fmt=tgz 2>> $log`;
if(($cmd =~ "HTTP ERROR") or ($cmd =~ "Authentication problem")){$flag++;}
$cmd=`\$$which curl$ -v -k --data-binary \@$icsbkp[0] -u $adminuser:$adminpass https://127.0.0.1:7071/home/$opt_account/calendar?fmt=ics 2>> $log`;
if(($cmd =~ "HTTP ERROR") or ($cmd =~ "Authentication problem")){$flag++;}

}

else{

$cmd=`\$$which curl$ -v -k --data-binary \@$tgzbkp[0] -u $adminuser:$adminpass https://127.0.0.1:7071/home/$opt_account/?fmt=tgz`;
if(($cmd =~ "HTTP ERROR") or ($cmd =~ "Authentication problem")){$flag++;}
$cmd=`\$$which curl$ -v -k --data-binary \@$icsbkp[0] -u $adminuser:$adminpass https://127.0.0.1:7071/home/$opt_account/calendar?fmt=ics`;
if(($cmd =~ "HTTP ERROR") or ($cmd =~ "Authentication problem")){$flag++;}

}

# --- Thresholds --- #
if($flag>0){

logger("ERROR: Restore account $opt_account fail");
return;

}

if($flag==0){

logger("SUCCESS: Restore account $opt_account done");
return;

}

}

if(($opt_prefix) and ($flag_prefix==0)){

# --- Run restore --- #
logger("Init restore $opt_prefix.$opt_account");
chomp($tgzbkp[0]);
chomp($icsbkp[0]);

if($opt_verbose==1){

$cmd=`\$$which zmprov$ ca $opt_prefix.$opt_account $passworday 2>> $log`;
$cmd=`\$$which curl$ -v -k --data-binary \@$tgzbkp[0] -u $adminuser:$adminpass https://127.0.0.1:7071/home/$opt_prefix.$opt_account/?fmt=tgz 2>> $log`;
if(($cmd =~ "HTTP ERROR") or ($cmd =~ "Authentication problem")){$flag++;}
$cmd=`\$$which curl$ -v -k --data-binary \@$icsbkp[0] -u $adminuser:$adminpass https://127.0.0.1:7071/home/$opt_prefix.$opt_account/calendar?fmt=ics 2>> $log`;
if(($cmd =~ "HTTP ERROR") or ($cmd =~ "Authentication problem")){$flag++;}

}

else{

$cmd=`\$$which zmprov$ ca $opt_prefix.$opt_account $passworday`;
$cmd=`\$$which curl$ -v -k --data-binary \@$tgzbkp[0] -u $adminuser:$adminpass https://127.0.0.1:7071/home/$opt_prefix.$opt_account/?fmt=tgz`;
if(($cmd =~ "HTTP ERROR") or ($cmd =~ "Authentication problem")){$flag++;}
$cmd=`\$$which curl$ -v -k --data-binary \@$icsbkp[0] -u $adminuser:$adminpass https://127.0.0.1:7071/home/$opt_prefix.$opt_account/calendar?fmt=ics`;
if(($cmd =~ "HTTP ERROR") or ($cmd =~ "Authentication problem")){$flag++;}

}

# --- Thresholds --- #
if($flag>0){

logger("ERROR: Restore account $opt_account fail");
return;

}

if($flag==0){

logger("SUCCESS: Restore done - your account is: $opt_prefix.$opt_account and your password is $passworday");
return;

}

} else {

logger("ERROR - Account $opt_prefix.$opt_account exist in ZCSOS");
return;

}

}

# --- Full restore --- #
else{

# --- Get a last backup --- #
$last=`\$$which ls$ $path | \$$which grep$ FULL`;

if(!$last){

logger("ERROR - Not exist last backup");
return;

}

# --- Get all backuped accounts --- #
chomp($last);
@abkp=`\$$which ls$ $path/$last/*.tgz`;

# --- Backup validated --- #
if($#accounts>$#abkp){

logger("WARNING - ZCS have more accounts than your last backup");

}

# --- Init backup --- #
logger("Init restore all accounts");

# --- Restore accounts --- #
foreach(@abkp){

chomp($_);

if($_ =~ /^.+\/(.+)\.tgz$/){$tempa=$1;}
if($_ =~ /^(.+)\.tgz$/){$tempb=$1;}

if($opt_verbose==1){

logger("$counter ACCOUNT RESTORE: $tempa");

$cmd=`\$$which zmprov$ ca $tempa $passworday 2>> $log`;
$cmd=`\$$which curl$ -v -k --data-binary \@$_ -u $adminuser:$adminpass https://127.0.0.1:7071/home/$tempa/?fmt=tgz 2>> $log`;
if(($cmd =~ "HTTP ERROR") or ($cmd =~ "Authentication problem")){$flag++;}
$cmd=`\$$which curl$ -v -k --data-binary \@$tempb\.ics -u $adminuser:$adminpass https://127.0.0.1:7071/home/$tempa/calendar?fmt=ics 2>> $log`;
if(($cmd =~ "HTTP ERROR") or ($cmd =~ "Authentication problem")){$flag++;}

} else{

$cmd=`\$$which zmprov$ ca $tempa $passworday`;
$cmd=`\$$which curl$ -v -k --data-binary \@$_ -u $adminuser:$adminpass https://127.0.0.1:7071/home/$tempa/?fmt=tgz`;
if(($cmd =~ "HTTP ERROR") or ($cmd =~ "Authentication problem")){$flag++;}
$cmd=`\$$which curl$ -v -k --data-binary \@$tempb\.ics -u $adminuser:$adminpass https://127.0.0.1:7071/home/$tempa/calendar?fmt=ics`;
if(($cmd =~ "HTTP ERROR") or ($cmd =~ "Authentication problem")){$flag++;}

}

$counter++;

}

# --- Thresholds --- #
if($flag>=$counter){

logger("ERROR: Restore full fail");
return;

}

if($flag>1){

logger("SUCCESS: Restore full finished with warnings");
return;

}

if($flag==0){

logger("SUCCESS: Restore full finished without errors");
return;

}

}

}

sub getoption {

Getopt::Long::Configure('bundling');
GetOptions(
'A|account=s' => \$opt_account,
'M|mail=s' => \$opt_mailto,
'P|prefix=s' => \$opt_prefix,
'T|type=s' => \$opt_type,
'V|version' => \$opt_version,
'h|help' => \$opt_help,
'v|verbose=i' => \$opt_verbose,
);

if($opt_help){

printHelp();
exit;

}

if($opt_version){

print "$name - '$version'\n";
exit;

}

if(!$opt_verbose){

$opt_verbose = 1;

}

if(!$opt_type){

print "ERROR - Missing option type\n";
exit;

}

}

sub logger {

return (0) if (not defined $opt_verbose);

my $msg = shift (@_);
my $date=strftime("%m-%d-%Y",localtime);

my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst)=localtime(time);
$wday++;
$yday++;
$mon++;
$year+=1900;
$isdst++;

if ($opt_verbose == 0){

print "$msg\n";

} else {

open(LOG, ">>$log") or do {

if($opt_mailto){

mail("JOB FAIL");
exit;

} else {

print "ERROR - Unable to write to the log agent\n";
exit;

}

};

printf LOG ("%02i/%02i/%i - %02i:%02i:%02i => %s\n",$mday,$mon,$year,$hour,$min,$sec,$msg);
close(LOG);

}

}

sub mail {

# --- My vars --- #
my $msg = shift (@_);
my $date=strftime("%m-%d-%Y",localtime);
my $smtp;

# --- Mail API --- #
$smtp = Net::SMTP->new('127.0.0.1');
$smtp->mail("$adminuser");
$smtp->auth("$adminuser","$adminpass");
$smtp->to("$opt_mailto");
$smtp->data();
$smtp->datasend("Subject: JOB ZCSOS-Hotbackup (Zimbra) - report $date\n");
$smtp->datasend("MIME-Version: 1.0\n");
$smtp->datasend("Content-type: text/html\n");
$smtp->datasend("Content-Transfer-Encoding: 7bit\n");
$smtp->datasend("\n");
$smtp->datasend("$msg\n\n");
$smtp->dataend();
$smtp->quit;

}

sub printHelp {

my $help = <<'HELP';

ZCSOS-Hotbackup : On-line backup with Zimbra Open Source Edition.

Requirements:

- To use the ZCSOS-Hotbackup directory '/opt/backup/zimbra' must exist and its owner must be the same user running the Zimbra suite.
- Curl.

Controls:

- FULL backup: You can restore just a last backup
- Log rotate : When the log be 10MB it will be removed if you want to keep it back up the log as well.

Syntax:

-A : If backup or restore is for a unique account specify account in this arg

-M : Send status of job by e-mail

-P : Prefix to destiny account in restor process

-T : Restore(R) or Backup(B)

-V : Version

-h : Help

-v 1: Send to log
-v 0: Show log in console

Example:

Backup full : /opt/zimbra/bin/zcsos-hotbackup.pl -T B -v 1 -M suporte@km2.com.br
Backup account : /opt/zimbra/bin/zcsos-hotbackup.pl -T B -A prestesg@domain.com -v 1 -M suporte@km2.com.br
Restore full : /opt/zimbra/bin/zcsos-hotbackup.pl -T R -v 1 -M suporte@km2.com.br
Restore account : /opt/zimbra/bin/zcsos-hotbackup.pl -T R -A prestesg@domain.com -v 1 -M suporte@km2.com.br
Restore account with prefix : /opt/zimbra/bin/zcsos-hotbackup.pl -T R -A prestesg@domain.com -P test -v 1 -M suporte@km2.com.br

Required APIs:

use strict;
use Getopt::Long;
use POSIX;
use File::Basename;
use Switch;
use Net::SMTP;

Support: suporte@km2.com.br

Author's words: Only Jesus can save him from the apocalypse.

HELP

system("clear");
print $help;

}
&main

2 - Dê permissão de execução ao arquivo do item 1.

3 - Crie o arquivo '/opt/zimbra/conf/zcsos-hotbackup.props' com o seguinte conteúdo:

adminuser=admin
adminpass=teste123
domain="\@km2.com.br"
passworday=testkm2
opt_mailto=helkmut@gmail.com
pathbackup=/opt/zimbra/backup
backup_persistence=2

4 - Crie o diretório '/opt/zimbra/backup' e coloque como owner o usuário 'zimbra'.

5 - Coloque o seguinte conteúdo no Crontab do usuário 'zimbra':

# BACKUP BEGIN

00 18 * * * /opt/zimbra/bin/zcsos-hotbackup.pl -T B

# BACKUP END

6 - Todos os arquivos dos passos acima devem ser arquivos do usuário 'zimbra', altere o owner.

Explicando o funcionamento.

O arquivo '/opt/zimbra/conf/zcsos-hotbackup.props' contêm as propriedades do funcionamento do agente, logo:

adminuser=admin - É o usuário que executará o backup (o ideal é criar um outro usuário administrador só para o backup)
adminpass=teste123 - Senha deste usuário
domain="\@km2.com.br" - Domínio do seu servidor de e-mails
passworday=testkm2 - Senha temporária para caso restaure uma conta
opt_mailto=helkmut@gmail.com - E-mail que receberá os logs de execução dos backups
pathbackup=/opt/zimbra/backup - Caminho de armazenamento dos backups.
backup_persistence=2 - Número de backups FULL que serão persistidos no disco.

Help do agente:

ZCSOS-Hotbackup : On-line backup with Zimbra Open Source Edition.

Requirements:

- To use the ZCSOS-Hotbackup directory '/opt/backup/zimbra' must exist and its owner must be the same user running the Zimbra suite.

- Curl.

Controls:

- FULL backup: You can restore just a last backup

- Log rotate : When the log be 10MB it will be removed if you want to keep it back up the log as well.

Syntax:

-A : If backup or restore is for a unique account specify account in this arg

-M : Send status of job by e-mail

-P : Prefix to destiny account in restor process

-T : Restore(R) or Backup(B)

-V : Version

-h : Help

-v 1: Send to log

-v 0: Show log in console

Example:

Backup full : /opt/zimbra/bin/zcsos-hotbackup.pl -T B -v 1 -M suporte@km2.com.br

Backup account : /opt/zimbra/bin/zcsos-hotbackup.pl -T B -A prestesg@domain.com -v 1 -M suporte@km2.com.br

Restore full : /opt/zimbra/bin/zcsos-hotbackup.pl -T R -v 1 -M suporte@km2.com.br

Restore account : /opt/zimbra/bin/zcsos-hotbackup.pl -T R -A prestesg@domain.com -v 1 -M suporte@km2.com.br

Restore account with prefix : /opt/zimbra/bin/zcsos-hotbackup.pl -T R -A prestesg@domain.com -P test -v 1 -M suporte@km2.com.br

Required APIs:

use strict;

use Getopt::Long;

use POSIX;

use File::Basename;

use Switch;

use Net::SMTP;

Support: suporte@km2.com.br

Author's words: Only Jesus can save him from the apocalypse.

Vida de DBA

terça-feira, 27 de setembro de 2011

GroundWork - Criar gráficos de performance para um AIC

Criar gráficos de performance

segunda-feira, 26 de setembro de 2011

JBoss - Usando o JConsole e JVisualM no JBoss

sexta-feira, 23 de setembro de 2011

Zimbra - Backup Online do ZCSOS

Postagens populares