This small gist holds historical info, and tries to help sysadmins manage their rather old Xenserver which is still in production
-
export xenvg=`vgscan | grep VG_XenStorage | awk -F'"' {' print $2 '}` -
lvcreate -L 30G -n xenhostdata ${xenvg} -
mkfs.ext3 -L xenhostdata /dev/${xenvg}/xenhostdata -
mkdir -p /media/data -
mount /dev/${xenvg}/xenhostdata /media/data -
lvchange -a y /dev/${xenvg}/xenhostdata -
echo "lvchange -a y /dev/${xenvg}/xenhostdata" >> /etc/rc.d/rc.local -
echo "mount /dev/${xenvg}/xenhostdata /media/data" >> /etc/rc.d/rc.local -
Now you will need to replace /etc/yum.repos.d/CentOS-Base.repo with the one found in this gist so you can move on.
cp /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo-citrix : > /etc/yum.repos.d/CentOS-Base.repo wget -O /etc/yum.repos.d/CentOS-Base.repo --no-check-certificate "https://gist.githubusercontent.com/gnanet/795a6fa2d83d83120e80e65d4dd129d9/raw/829ea352b146da089aa02c26433474dd7ea34fb5/CentOS-Base.repo"
First you will surely need the epel repository
yum --enablerepo=extras install epel-release
Now you are ready to install tools like mc screen htop and even fail2ban, but prior installing fail2ban the e-mail setup also needs to be done.
For now lets install the first three
yum --enablerepo=epel --enablerepo=base install mc htop screen
With 30GB of data, you can add an ISO library for local saved .iso installers with following, and start with adding debian 9 dvd
mkdir -p /media/data/iso
xe sr-create name-label=LocalISO type=iso device-config:legacy_mode=true device-config:location=/media/data/iso content-type=iso
wget --no-check-certificate "https://cdimage.debian.org/cdimage/release/current/amd64/iso-dvd/debian-9.4.0-amd64-DVD-1.iso"
Next important step, is get a patcher script on your XenServer
mkdir -p /media/data/patch
mkdir -p /media/data/bin
wget --no-check-certificate -O /media/data/bin/patcher.py https://raw.github.com/dalgibbard/citrix_xenserver_patcher/master/patcher.py
chmod a+x /media/data/bin/patcher.py
cd /media/data/patch
About the usage of the automated patcher please head on to: https://github.com/dalgibbard/citrix_xenserver_patcher
Last but not least: fail2ban. Prepare a remote server and SMTP access data, and replace all relevant parts in the template below. First secure a copy of the original ssmtp.conf
cp /etc/ssmtp/ssmtp.conf /etc/ssmtp/ssmtp.conf.bak
then create a new one with your data.
echo "root=your@email.tld
mailhub=mail.server.tld:587
rewriteDomain=server.tld
hostname=your.server.tld
AuthUser=some@email.tld
AuthPass=thepassword" > /etc/ssmtp/ssmtp.conf
Now you can install fail2ban:
yum --enablerepo=epel --enablerepo=base install fail2ban
For further configuration please consult the manuals of fail2ban.