iSeries / IBM i System Admin Topics

We can do everything to consolidate our servers

Tuesday, February 28, 2012

Installing Fedora 16 on Power 7

If you have a new Power 7 box running IBM i, and you still have some spare processing units or virtual processors, you could start considering Linux.

The first time you look at the IBM Power Linux website, you will see only 2 Linux distros for PowerPC / POWER processors: Suse Linux and Red Hat. Both distros are enterprise products and have a cost... but someone told you how good Linux is, and that it is free!!!

Power 7 users are lucky. There are some groups of users developing Linux for PowerPC/POWER architectures. One of them is the Fedora PowerPC/POWER project. They released Fedora 16 in December 2011, and it's time to try an install on Power 7.

Getting ready with Fedora on Power 720.
I haven't yet got the HMC or SDMC installed, so my only choice is to use a DVD or virtual DVD and install via IVM. These are the steps to get ready for a Linux install via IVM:

1. Download the ISO file from: Fedora 16 Mirrors, and be sure to type "ppc". In this example, I will install ppc64.
2. Rename the file. IVM doesn't like some characters when creating media in Virtual Optical Media. I just renamed it to: fedora16.iso.
3. FTP the file to your VIOS server. By default it goes to /home/user/
4. Open the Integrated Virtualization Manager and go to: View/Modify Virtual Storage.

The Virtual Optical Media library resides, by default, in rootvg. If you don't have 2.5Gb free for the Fedora 16 ISO file, you should extend the library by clicking on "Extend Library".

5. Click on "Add Media" -> "Add existing File" -> Optical media file name "/home/user/fedora16.iso". You should see the file in the media list once it has been loaded.


First Fedora 16 boot.
Fedora 16 needs 1024Mb memory to install. I didn't test with 512 or 256, but I moved memory down to 256Mb and Fedora works fine.

1. Create a Linux partition and be sure you create a Virtual Optical device. Assign 1Gb memory.
2. Assign "fedora16.iso" as the current media of the virtual optical device.
3. View/Modify Partitions -> check your Linux partition and activate it.
4. Open a Linux console. Check that "Encoding" is set to "UTF-8" or you will see weird characters during the install.
 Select your partition and select "More Tasks" in the check box. Use the password of your IVM user.
5. Wait until you get the initial "yaboot" menu. The Fedora 16 ppc distro only has one install profile, so there is nothing special to do here. Just press "Enter" and go.
6. Follow the installation steps.
7. When the install is finished, the console will ask you to "Reboot". Wait a little bit: here we can change the boot mode so the partition boots from disk next time.
8. In IVM View/Modify Partitions, click on your Linux partition and change the boot mode to "System Management Services (SMS)".
9. Go to the console again, and reboot.
10. You should see the SMS menu of the Linux partition. Change the Boot Options and be sure "Disk" is first in the list.
11. Exit from SMS and wait until the partition starts.

And it's done! Now you have a clean and free Fedora 16 running on your Power machine.



Wednesday, January 4, 2012

Installing RSYNC on iSeries / AS400

Every day I'm digging more and more into iSeries PASE; my idyll with iSeries gets better... and also with the Unix world.

Once I had tested the syslog tool from PASE, I started wondering how it could be possible to monitor log data in real time. An FTP-based solution seems complicated and an RPG/socket application is beyond my skills. SYSLOG is good for handling system logs, but I need something more robust and I don't want to change programs to move logs over SYSLOG.

But I found RSYNC!

Rsync is a tool that synchronizes files and directories locally or to a remote server. If the file doesn't exist in the new folder or on the remote server, RSYNC will create it. If the file exists, RSYNC will send only the differences. That seems perfect for sending logs over the network and keeping a mirror by sending only the last entries in the files. It has been in use for a long time on UNIX-like systems and Windows, so it's time to use it on AS400 iSeries!

 
In my environment I have 4 IBM i servers running telnet, ftp and webserver services. Several flat files are generated daily from Apache, TSM and ODBC sessions (Exit Points). I want to send all this data to SPLUNK (or your favourite software for analyzing data) and index it for audit, monitoring or performance analysis. And I really need to know what's going on in my web server in real time.

The first thing we find about rsync and AS400 is an IBM link telling us that rsync doesn't come with the IBM iSeries PASE environment, but it sends us to Youngiprofessionals for ideas about how to install it.

Thanks to the amazing work of Tony "Ranger" Cairns, we have a great tutorial on Youngiprofessionals about how to install pre-compiled Open Source binaries coming from the AIX Toolbox for Linux Applications. This is really amazing... imagine having all the power of Linux applications on IBM i!

Follow Tony's steps and install RPM (you will need RPM to install all binaries in IBM i PASE) and wget. If you are behind a proxy or WGET doesn't work, just download the applications from here.

 
Once you have RPM installed, try to run the wwwinstall.sh command; if this doesn't work, see below.

Installing RSYNC.

ftp myIseries
bin
cd /QOpenSys/opt
put rsync*

And now, we just need to install:

STRQSH
cd /QOpenSys/opt
rpm --ignoreos --ignorearch --nodeps --replacepkgs -hUv rsync-xxx.ppc.rpm (your rsync version)

To test whether RSYNC is installed, just run rsync -h

Running and testing RSYNC.

Rsync can run as a daemon or as a submitted job. There are several manuals out there that explain how to use it. If it works for Unix or Linux, it will work for IBM i!
But for testing, if you want to synchronize 2 folders on AS400:

rsync -avz  /Myfolder1  /Myfolder2
sending incremental file list                                 
Logs/ACCESS.LOG                                               
 Logs/ERROR.LOG                                                 
 Logs/STATS.LOG                                                
                                                               
 sent 68448 bytes  received 73 bytes  137042.00 bytes/sec      
 total size is 862256  speedup is 12.58 

If I run the same command again:
sent 109 bytes  received 13 bytes  244.00 bytes/sec 

You can schedule this command in IBM i or configure a daemon. With this tool, it's possible to replicate everything from PASE.
 

Monday, January 2, 2012

Monitoring ODBC and FTP Login entries to SYSLOG

Now that Syslog on IBM i is working and sending data to a remote server, I think I will use it for auditing ODBC and FTP entries on my system.

I already have an FTP Server Request Validation exit point to control what the ftp users can do on my server, but it's writing a lot of data into a database log. For auditing reasons I'm just interested in auditing the logon of users coming in through the FTP and ODBC servers. Basically, using Exit Point programs, you can send whatever you need to SYSLOG: telnet sessions, audit changes of user profiles, BRMS logs, etc.

I made a basic CL program based on the TCPL0100 parameters that sends messages to the syslog daemon when a user logs in to FTP. Using the PASE command "logger", I just send:

STRQSH CMD('/QOpenSys/bin/logger -p 5 -t FTPSERVER message_text')

Result in the file /var/adm/messages:

 Jan  2 12:19:38 my-AS400 user:notice FTPSERVER: Login by user: JOHN

and on the remote server I got:

Jan  2 12:19:38 splunk-server user:notice Message forwarded from my-AS400: FTPSERVER: Login by user: JOHN

The "-p" parameter sets the level of the log entry, which can be:

0 Emergency: system is unusable
1 Alert: action must be taken immediately
2 Critical: critical conditions
3 Error: error conditions
4 Warning: warning conditions
5 Notice: normal but significant condition
6 Informational: informational messages
7 Debug: debug-level messages
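
On the receiving server, the lines shown above can be turned into structured events before they are indexed. This is an added example, not part of the original post and not the author's CL program: it parses the line format shown above, with and without the "Message forwarded from" prefix, and counts FTP logins per originating system. The sample lines are constructed and the user-name allowlist is an assumption.

```python
import re
from collections import Counter

# Level names as printed in the "facility:level" field; index = numeric level 0-7.
LEVELS = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]

# timestamp, logging host, facility:level, optional relay prefix, tag, message
LINE_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}) "
    r"(?P<host>\S+) (?P<facility>\w+):(?P<level>\w+) "
    r"(?:Message forwarded from (?P<origin>[^:\s]+): )?"
    r"(?P<tag>[^:\s]+): (?P<msg>.*)$"
)
# Assumption: profile names are 1-10 characters from this set; adjust to your site.
USER_RE = re.compile(r"Login by user: (?P<user>[A-Za-z0-9_#$@]{1,10})$")

def parse_line(line):
    """Split one syslog line into fields, or return None if it does not fit."""
    m = LINE_RE.match(line.rstrip("\n"))
    if not m:
        return None
    ev = m.groupdict()
    ev["origin"] = ev["origin"] or ev["host"]  # not relayed: origin is the host
    ev["severity"] = LEVELS.index(ev["level"]) if ev["level"] in LEVELS else None
    return ev

def ftp_logins(lines):
    """Count FTPSERVER logins per (origin, user); collect lines that look wrong."""
    counts, rejects = Counter(), []
    for line in lines:
        ev = parse_line(line)
        if ev is None or ev["tag"] != "FTPSERVER":
            continue
        m = USER_RE.match(ev["msg"])
        if m:
            counts[(ev["origin"], m.group("user").upper())] += 1
        else:
            # The name is whatever the client sent at logon: keep it for review.
            rejects.append(line)
    return counts, rejects

# Constructed sample in the format shown above (last line is deliberately malformed).
FWD = "user:notice Message forwarded from my-AS400: FTPSERVER: Login by user: "
SAMPLE = [
    "Jan  2 12:19:38 splunk-server " + FWD + "JOHN",
    "Jan  2 12:21:02 splunk-server " + FWD + "john",
    "Jan  2 12:19:38 my-AS400 user:notice FTPSERVER: Login by user: JOHN",
    "Dec 29 14:27:40 SYSTEM-NAME syslog:info syslogd: restart",
    "Jan  2 12:25:10 splunk-server " + FWD + "not a profile name",
]
```

Calling ftp_logins(SAMPLE) returns the per-user counts together with the lines whose user field did not pass the allowlist, so odd logon names are surfaced for review instead of being silently dropped.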




Friday, December 30, 2011

Remote SYSLOGD from AS400 to UNIX or Linux Servers.

I started this blog at the same time as I was wondering how to integrate AS400 system logs with a centralized log system. In my study I'm going to use SPLUNK, but the proposals in this post could apply to any log system.

For my project, I'd like to send all kinds of logs to Splunk: system logs, audit logs and application logs.

What do I need?
To send system logs via tcp or udp to the centralized log system in real time, where I can query, analyze or simply keep the data.

For system logs I heard about "syslog" as a standard for computer data logging. Syslog can be used for computer system management, debugging, analysis or security auditing. In most cases, Syslog gets implemented because some internal audit wants to keep all logs from all systems in the same format and centralized.

Syslog is integrated into the O.S. on most systems. Unfortunately, it does not log any system operator messages, ftp, tcp, login or QAUDJRN. AS400 "per se" has a wonderful logging system with the QSYSOPR message queue, QHST logs and QAUDJRN, so I guess that is why IBM doesn't implement Syslog.

Somehow, I'm tired of the "you can't do this with AS400" and the "AS400 is not an out of the box system".

But in the wonderful PASE for System i, we have the choice to install the Syslog / Syslogd API to log messages from CL or RPG programs, and it could be possible to build several "Exit Point" programs to log into Syslog.

Installing Syslog.
Syslog is included in Licensed Program 5761SS1, Option 33, Portable App Solutions Environment.

To check the correct installation:

STRQSH -> cd /QOpenSys/usr/sbin
 syslogd -h                                                                             
 /QOpenSys/usr/sbin/syslogd: illegal option -- h                                        
 usage: syslogd [-d] [-s] [-n] [-N] [-r] [-mmarkinterval] [-ppath] [-fconffile] [-Mall] 


Syslogd is the daemon that needs to be running to start logging on the system. But first, we have to configure syslog by editing the syslog.conf file. Most of the Unix pages dedicated to Syslog explain how to configure it (rotating log files, the device or file to put the logs in, etc.).

Syslog has different facilities to configure for logging (mail server, kernel, authorization), but these will not work with AS400. The only way that I know of so far is using the PASE command "logger", which I will explain later.

Configuring syslog.conf.
On Unix systems, syslog.conf is located in /etc/syslog.conf, but on AS400 we need to create it in /QOpenSys/etc:

syslog.conf
 *.emerg;*.alert;*.crit;*.warning;*.err;*.notice;*.info  /var/adm/messages

With this entry, I will send logs to the file /var/adm/messages (note: create the file messages with the command: touch messages).

After that, you can start the SYSLOGD daemon in batch:
SBMJOB CMD(STRQSH CMD('/QOpenSys/usr/sbin/syslogd'))

and check the file to see what happens. You should see an entry like:
Dec 29 14:27:40 SYSTEM-NAME syslog:info syslogd: restart

Adding entries to syslog.

The only way I found is using the command "logger". If you know something better, please send feedback :). Logger will send an event to the syslog daemon that we have running in batch.

strqsh
logger "some text"

check /var/adm/messages
Dec 29 14:27:40 SYSTEM-NAME syslog:info syslogd: restart
Dec 29 14:28:40 SYSTEM-NAME user:notice qsecofr: some test.


So, my idea now is to work out how to use this API to log what I need from AS400 to Syslog: logins, system errors, ftp access, odbc access, etc.

The cool thing: sending the logs to a remote server.
I have installed Splunk on a Unix server. I told Splunk to get data from syslog, from the file on the Unix server located at:
/var/adm/messages

The cool thing is that Syslog can send logs via tcp or udp. For testing purposes, I configured syslog for UDP (the default), but the problem with UDP is losing some logs if a network error happens.

Once I started syslog on UNIX or Linux (I think for Windows you could use Winsyslog), I can change the configuration of syslog.conf on AS400 like this:
 *.emerg;*.alert;*.crit;*.warning;*.err;*.notice;*.info  @my-loggingserver   
*.emerg;*.alert;*.crit;*.warning;*.err;*.notice;*.info  /var/adm/messages

With this config, I can see the logs locally and send the logs to a remote server.
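
To see which messages these two rules actually deliver, the selector can be evaluated per level. This is an added example, not part of the original post: it assumes the usual syslogd rule that "facility.level" selects that level and everything more severe, and the function names are hypothetical.

```python
# Severity names used in syslog.conf; index = numeric level (0 is most severe).
LEVELS = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]

def selector_matches(selector, facility, level):
    """Assumed rule: a 'fac.lvl' term selects lvl and anything more severe."""
    sev = LEVELS.index(level)
    for term in selector.split(";"):
        fac, _, lvl = term.strip().partition(".")
        if fac in ("*", facility) and lvl in LEVELS and sev <= LEVELS.index(lvl):
            return True
    return False

def route(conf_text, facility, level):
    """Return the destinations in syslog.conf text that receive this message."""
    dests = []
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        selector, dest = line.split(None, 1)
        if selector_matches(selector, facility, level):
            dests.append(dest.strip())
    return dests

def same_coverage(sel_a, sel_b, facility="user"):
    """True if both selectors select exactly the same levels for a facility."""
    return all(
        selector_matches(sel_a, facility, lvl) == selector_matches(sel_b, facility, lvl)
        for lvl in LEVELS
    )

# The two rules from the post, with the host name as written there.
PAGE_SELECTOR = "*.emerg;*.alert;*.crit;*.warning;*.err;*.notice;*.info"
PAGE_CONF = f"{PAGE_SELECTOR}  @my-loggingserver\n{PAGE_SELECTOR}  /var/adm/messages\n"

if __name__ == "__main__":
    for lvl in LEVELS:
        print(f"user.{lvl:8s} ->", route(PAGE_CONF, "user", lvl))
    print("same coverage as *.info:", same_coverage(PAGE_SELECTOR, "*.info"))
```

Under that rule the seven-term selector covers the same levels as "*.info" alone, and debug-level messages reach neither the local file nor the remote server.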

End the Syslogd job, start it again and test by sending some data with logger :)