fixup indentation
[racktables] / README.md
CommitLineData
2797f2c7
DO
1# Welcome!
2Thank you for selecting RackTables as your datacenter management solution!
3If you are looking for documentation or wish to send feedback, please
4look for the respective links at [project's web-site](http://racktables.org).
5
fde823aa
DO
6# How to install RackTables
7
8## 1. Prepare the server
9
10RackTables uses a web-server with PHP (5.2.10 or newer) for front-end and a
11MySQL/MariaDB server version 5 for back-end. The most commonly used web-server
12for RackTables is Apache httpd.
13
14### 1.1. Install MySQL server
15
16| Distribution | How to do |
17| ------------------ | ----------------------------------------------------------------------- |
18| ALTLinux 4.0 | `apt-get install MySQL-server` |
19| CentOS 5 | `yum install mysql-server mysql` |
20| Debian 6 | `aptitude install mysql-server-5.1` |
21| Debian 7 | `aptitude install mysql-server-5.1` |
22| Fedora 8-16 | `yum install mysql-server mysql` |
23| Fedora 23 | `dnf install mariadb-server mariadb` |
24| openSUSE 11.0 | YaST -> Software -> software management -> Web and LAMP server -> mysql |
38fd042d 25| openSUSE 42.1 | `zypper install mysql-community-server` |
fde823aa
DO
26| Scientific Linux 6 | `yum install mysql-server mysql` |
27| Ubuntu 14.04 | `apt-get install mysql-server` |
a4b869c7 28| Ubuntu 16.04 | `apt-get install mysql-server` |
fde823aa
DO
29
30### 1.2. Enable Unicode in the MySQL server
31
32| Distribution | How to do |
33| ------------------ | ------------------------------------------------------------------------------------------------------------------ |
34| ALTLinux 4.0 | add `CHSET=utf8` line to `/etc/sysconfig/mysqld` file and restart mysqld |
35| CentOS 5 | add `character-set-server=utf8` line to `[mysqld]` section of `/etc/my.cnf` file and restart mysqld |
36| Debian 6 | add `character-set-server=utf8` line to `[mysqld]` section of `/etc/mysql/my.cnf` file and restart mysqld |
37| Debian 7 | add `character-set-server=utf8` line to `[mysqld]` section of `/etc/mysql/my.cnf` file and restart mysqld |
38| Fedora 8-16 | add `character-set-server=utf8` line to `[mysqld]` section of `/etc/my.cnf` file and restart mysqld |
39| Fedora 23 | ```printf "[mysqld]\ncharacter-set-server=utf8\n" > /etc/my.cnf.d/mysqld-charset.cnf; systemctl restart mariadb``` |
40| openSUSE 11.0 | add `default-character-set=utf8` line to `[mysql]` section of `/etc/my.cnf` file and restart mysqld |
38fd042d 41| openSUSE 42.1 | No action required, comes configured for UTF-8 by default. |
fde823aa
DO
42| Scientific Linux 6 | add `character-set-server=utf8` line to `[mysqld]` section of `/etc/my.cnf` file and restart mysqld |
43| Ubuntu 14.04 | ```printf "[mysqld]\ncharacter-set-server=utf8\n" > /etc/mysql/conf.d/charset.cnf; service mysql restart``` |
a4b869c7 44| Ubuntu 16.04 | ```printf "[mysqld]\ncharacter-set-server=utf8\n" > /etc/mysql/conf.d/charset.cnf; service mysql restart``` |
fde823aa
DO
45
46### 1.3. Install PHP and Apache httpd (or nginx)
47
48| Distribution | How to do |
49| ------------------ | ------------------------------------------------------------------------------------ |
d32867b3
DO
50| ALTLinux 4.0 | `apt-get install apache2-httpd-prefork php5-gd2 php5-pdo_mysql php5-pdo apache2-mod_php5 php5-mbstring`
51| CentOS 5 | `yum install httpd php53 php53-mysql php53-pdo php53-gd php53-mbstring php53-bcmath` |
fde823aa
DO
52| Debian 6 | `aptitude install libapache2-mod-php5 php5-gd php5-mysql php5-snmp` |
53| Debian 7 (nginx) | `aptitude install nginx php5-fpm` **(see note below)** |
d32867b3
DO
54| Fedora 8-16 | `yum install httpd php php-mysql php-pdo php-gd php-snmp php-mbstring php-bcmath` |
55| Fedora 23 | `dnf install httpd php php-mysql php-pdo php-gd php-snmp php-mbstring php-bcmath` |
56| FreeBSD 8 | see note below |
fde823aa 57| openSUSE 11.0 | use YaST to install apache2-mod_php5, php5-gd, php5-mbstring, php5-mysql, php5-bcmath, php5-snmp and php5-ldap
38fd042d 58| openSUSE 42.1 | `zypper install apache2-mod_php5 php5-gd php5-mbstring php5-mysql php5-bcmath` |
fde823aa 59| Scientific Linux 6 | `yum install httpd php php-mysql php-pdo php-gd php-mbstring php-bcmath` |
d32867b3 60| Ubuntu 14.04 | `apt-get install apache2-bin libapache2-mod-php5 php5-gd php5-mysql php5-snmp` |
e5c4b20b 61| Ubuntu 16.04 | `apt-get install apache2-bin libapache2-mod-php7.0 php7.0-gd php7.0-mysql php7.0-mbstring php7.0-bcmath php7.0-json php7.0-snmp`
fde823aa
DO
62
63#### 1.3.a. Debian 7 with nginx
2797f2c7
DO
64Remember to adjust `server_name` in `server {}` section, otherwise your logout link
65will point to localhost (and thus fail).
66Notice, that fpm.sock is advised, keep the rest on default configuration, or
67tweak to your needs. You may need to set `fastcgi_read_timeout 600;` if you use
68some external addons like fping, which may take some time in certain situations.
69Please note that setting aggresive caching for php scripts may result in stale
70content - so maximum of 60 seconds is advised, but by default it is not enabled.
71
fde823aa 72#### 1.3.b. FreeBSD 8
2797f2c7
DO
73```
74# make -C /usr/ports/www/apache13-modssl install
75# make -C /usr/ports/www/php5-session install
76[X] CLI Build CLI version
77[X] APACHE Build Apache module
78[X] MULTIBYTE Enable zend multibyte support
79# make -C /usr/ports/graphics/php5-gd install
80# make -C /usr/ports/databases/php5-pdo_mysql install
81# make -C /usr/ports/devel/pcre install
82!!! Enable UTF-8 support ............ : yes
83!!! Unicode properties .............. : yes
84# make -C /usr/ports/devel/php5-pcre install
85# make -C /usr/ports/converters/php5-mbstring install
86[X] REGEX Enable multibyte regex support
87
88# make -C /usr/ports/net-mgmt/php5-snmp install
89# make -C /usr/ports/net/php5-ldap install
90```
91
fde823aa 92## 2. Copy the files
2797f2c7
DO
93Unpack the tar.gz/zip archive to a directory of your choice and configure Apache
94httpd to use `wwwroot` subdirectory as a new DocumentRoot. Alternatively,
95symlinks to `wwwroot` or even to `index.php` from an existing DocumentRoot are
96also possible and often adisable (see `README.Fedora`).
97
fde823aa 98## 3. Run the installer
2797f2c7
DO
99Open the configured RackTables URL and you will be prompted to configure
100and initialize the application.
101
8c5b4ba3
DO
102| Distribution | Apache httpd UID:GID | MySQL UNIX socket path |
103| --------------- | ----------------------- | -------------------------------- |
104| Fedora 23 | `apache:apache` | `/var/lib/mysql/mysql.sock` |
38fd042d 105| openSUSE 42.1 | `wwwrun:www` | `/var/run/mysql/mysql.sock` |
8c5b4ba3 106| Ubuntu 14.04 | `www-data:www-data` | `/var/run/mysqld/mysqld.sock` |
d1c79f04 107| Ubuntu 16.04 | `www-data:www-data` | `/var/run/mysqld/mysqld.sock` |
8c5b4ba3 108
fde823aa 109# How to upgrade RackTables
2797f2c7
DO
110
1110. **Backup your database** and check the release notes below before actually
112 starting the upgrade.
1131. Remove all existing files except configuration (the `inc/secret.php` file)
114 and local plugins (in the `plugins/` directory).
1152. Put the contents of the new tar.gz/zip archive into the place.
1163. Open the RackTables page in a browser. The software will detect version
117 mismatch and display a message telling to log in as admin to finish
118 the upgrade.
1194. Do that and report any errors to the bug tracker or the mailing list.
120
121## Release notes
122
c5c39ee5
AA
123### Upgrading to 0.20.11
124
d40d136a 125New `IPV4_TREE_SHOW_UNALLOCATED` configuration option introduced to disable
c5c39ee5 126dsplaying unallocated networks in IPv4 space tree. Setting it also disables
e1e193fe 127the "knight" feature.
c5c39ee5 128
2797f2c7
DO
129### Upgrading to 0.20.7
130
131From now on the minimum (oldest) release of PHP that can run RackTables is
1325.2.10. In particular, to continue running RackTables on CentOS 5 it is
133necessary to replace its php* RPM packages with respective php53* packages
134before the upgrade (except the JSON package, which PHP 5.3 provides internally).
135
136Database triggers are used for some data consistency measures. The database
137user account must have the 'TRIGGER' privilege, which was introduced in
138MySQL 5.1.7.
139
140The `IPV4OBJ_LISTSRC` configuration option is reset to an expression which enables
141the IP addressing feature for all object types except those listed.
142
143Tags could now be assigned on the Edit/Properties tab using a text input with
144auto-completion. Type a star '*' to view full tag tree in auto-complete menu.
145It is worth to add the following line to the permissions script if the
146old-fashioned 'Tags' tab is not needed any more:
147```
148 deny {$tab_tags} # this hides 'Tags' tab
149```
150
151This release converts collation of all DB fields to the `utf8_unicode_ci`. This
152procedure may take some time, and could fail if there are rows that differ only
153by letter case. If this happen, you'll see the failed SQL query in upgrade report
154with the "Duplicate entry" error message. Feel free to continue using your
155installation. If desired so, you could eliminate the case-duplicating rows
156and re-apply the failed query.
157
158### Upgrading to 0.20.6
159
160New `MGMT_PROTOS` configuration option replaces the `TELNET_OBJS_LISTSRC`,
161`SSH_OBJS_LISTSRC` and `RDP_OBJS_LISTSRC` options (converting existing settings as
162necessary). `MGMT_PROTOS` allows to specify any management protocol for a
163particular device list using a RackCode filter. The default value
164(`ssh: {$typeid_4}, telnet: {$typeid_8}`) produces `ssh://server.fqdn` for
165servers and `telnet://switch.fqdn` for network switches.
166
167### Upgrading to 0.20.5
168
169This release introduces the VS groups feature. VS groups is a new way to store
170and display virtual services configuration. There is a new "ipvs" (VS group)
171realm. All previously existing VS configuration remains functional and user
172is free to convert it to the new format, which displays it in a more natural way
173and allows to generate virtual_server_group keepalived configs. To convert a
174virtual service to the new format, it is necessary to manually create a VS group
175object and assign IP addresses to it. The VS group will display a "Migrate" tab
176to convert the old-style VS objects, which can be removed after a successful
177conversion.
178
179The old-style VS configuration becomes **deprecated**. Its support will be removed
180in a future major release. So it is strongly recommended to convert it to the
181new format.
182
183### Upgrading to 0.20.4
184
185Please note that some dictionary items of Cisco Catalyst 2960 series switches
186were renamed to meet official Cisco classification:
187
188old name | new name
189------------|---------
1902960-48TT | 2960-48TT-L
1912960-24TC | 2960-24TC-L
1922960-24TT | 2960-24TT-L
1932960-8TC | 2960-8TC-L
1942960G-48TC | 2960G-48TC-L
1952960G-24TC | 2960G-24TC-L
1962960G-8TC | 2960G-8TC-L
197C2960-24 | C2960-24-S
198C2960G-24PC | C2960-24PC-L
199
200The `DATETIME_FORMAT` configuration option used in setting date and time output
201format now uses a [different](http://php.net/manual/en/function.strftime.php)
202syntax. During upgrade the option is reset to
203the default value, which is now %Y-%m-%d (YYYY-MM-DD) per ISO 8601.
204
205This release intoduces two new configuration options:
206`REVERSED_RACKS_LISTSRC` and `NEAREST_RACKS_CHECKBOX`.
207
208### Upgrading to 0.20.1
209
210The 0.20.0 release includes bug which breaks IP networks' capacity displaying on
21132-bit architecture machines. To fix this, this release makes use of PHP's BC
212Math module. It is a new reqiurement. Most PHP distributions have this module
213already enabled, but if yours does not - you need yo recompile PHP.
214
215Security context of 'ipaddress' page now includes tags from the network
216containing an IP address. This means that you should audit your permission rules
217to check there is no unintended allows of changing IPs based on network's
218tagset. Example:
219```
220 allow {client network} and {New York}
221```
222This rule now not only allows any operation on NY client networks, but also any
223operation with IP addresses included in those networks. To fix this, you should
224change the rule this way:
225```
226 allow {client network} and {New York} and not {$page_ipaddress}
227```
228
229### Upgrading to 0.20.0
230
231WARNING: This release have too many internal changes, some of them were waiting
232more than a year to be released. So this release is considered "BETA" and is
233recommended only to curiuos users, who agree to sacrifice the stability to the
234progress.
235
236Racks and Rows are now stored in the database as Objects. The RackObject table
237was renamed to Object. SQL views were created to ease the migration of custom
238reports and scripts.
239
240New plugins engine instead of `local.php` file. To make your own code stored in
241`local.php` work, you must move the `local.php` file into the `plugins/` directory.
242The name of this file does not matter any more. You also can store multiple
243files in that dir, separate your plugins by features, share them and try the
244plugins from other people just placing them into `plugins/` dir, no more merging.
245
246* `$path_to_local_php` variable has no special meaning any more.
247* `$racktables_confdir` variable is now used only to search for `secret.php` file.
248* `$racktables_plugins_dir` is a new overridable special variable pointing to `plugins/` directory.
249
250Beginning with this version it is possible to delete IP prefixes, VLANs, Virtual
251services and RS pools from within theirs properties tab. So please inspect your
252permissions rules to assure there are no undesired allows for deletion of these
253objects. To ensure this, you could try this code in the beginning of permissions
254script:
255```
256allow {userid_1} and {$op_del}
257deny {$op_del} and ({$tab_edit} or {$tab_properties})
258```
259
260Hardware gateways engine was rewritten in this version of RackTables. This means
261that the file `gateways/deviceconfig/switch.secrets.php` is not used any more. To
262get information about configuring connection properties and credentials in a new
263way please read [this](http://wiki.racktables.org/index.php/Gateways).
264
265This also means that recently added features based on old API (D-Link switches
266and Linux gateway support contributed by Ilya Evseev) are not working any more
267and waiting to be forward-ported to new gateways API. Sorry for that.
268
269Two new config variables appeared in this version:
270 - `SEARCH_DOMAINS`. Comma-separated list of DNS domains which are considered
271 "base" for your network. If RackTables search engine finds multiple objects
272 based on your search input, but there is only one which FQDN consists of
273 your input and one of these search domains, you will be redirected to this
274 object and other results will be discarded. Such behavior was unconditional
275 since 0.19.3, which caused many objections from users. So welcome this
276 config var.
277 - `QUICK_LINK_PAGES`. Comma-separated list of RackTables pages to display links
278 to them on top. Each user could have his own list.
279
280Also some of config variables have changed their default values in this version.
281This means that upgrade script will change their values if you have them in
282previous default state. This could be inconvenient, but it is the most effective
283way to encourage users to use new features. If this behavior is not what you
284want, simply revert these variables' values:
285
286variable | old | new | comment
287------------------------|-------------|-------|--------
288`SHOW_LAST_TAB` | no | yes
289`IPV4_TREE_SHOW_USAGE` | yes | no | Networks' usage is still available by click.
290`IPV4LB_LISTSRC` | {$typeid_4} | false
291`FILTER_DEFAULT_ANDOR` | or | and | This implicitly enables the feature of dynamic tree shrinking.
292`FILTER_SUGGEST_EXTRA` | no | yes | Yes, we have extra logical filters!
293`IPV4_TREE_RTR_AS_CELL` | yes | no | Display routers as simple text, not cell.
294
295Also please note that variable `IPV4_TREE_RTR_AS_CELL` now has third special value
296besides 'yes' and 'no': 'none'. Use 'none' value if you are experiencing low
297performance on IP tree page. It will completely disable IP ranges scan for
298used/spare IPs and the speed of IP tree will increase radically. The price is
299you will not see the routers in IP tree at all.
300
301### Upgrading to 0.19.13
302A new "date" attribute type has been added. Existing date based fields ("HW
303warranty expiration", "support contract expiration" and "SW warranty
304expiration") will be converted to this new type but must be in the format
305"mm/dd/yyyy" otherwise the conversion will fail.
306
307### Upgrading to 0.19.2
308
309This release is different in filesystem layout. The "gateways" directory has
310been moved from `wwwroot` directory. This improves security a bit. You can also
311separate your local settings and add-ons from the core RackTables code. To do
312that, put a single `index.php` file into the DocumentRoot of your http server:
313
314```php
315<?php
316$racktables_confdir='/directory/with/secret.php/and/local.php/';
317require '/directory_where_you_extracted_racktables_distro/wwwroot/index.php';
318?>
319```
320
321No more files are needed to be available directly over the HTTP. Full list of
322filesystem paths which could be specified in custom `index.php` or `secret.php`:
323* `$racktables_gwdir`: path to the gateways directory;
324* `$racktables_staticdir`: path to the directory containing `pix`, `js`, `css` directories;
325* `$racktables_confdir`: path where secret.php and local.php are located. It is not recommended to define it in `secret.php`, cause only the path to `local.php` will be affected;
326* `$path_to_secret_php`: Ignore `$racktables_confdir` when locating `secret.php` and use the specified path;
327* `$path_to_local_php`: idem for `local.php`.
328
329### Upgrading to 0.19.0
330
331The files, which are intended for the httpd (web-server) directory, are now in
332the `wwwroot` directory of the tar.gz archive. Files outside of that directory
333are not directly intended for httpd environment and should not be copied to the
334server.
335
336This release incorporates ObjectLog functionality, which used to be available as
337a separate plugin. For the best results it is advised to disable (through
338`local.php`) external ObjectLog plugin permanently before the new version is
339installed. All previously accumulated ObjectLog records will be available
340through the updated standard interface.
341
342RackTables is now using PHP JSON extension which is included in the PHP core
343since 5.2.0.
344
345The barcode attribute was removed. The upgrade script attempts to preserve the
346data by moving it to either the 'OEM S/N 1' attribute or to a Log entry. You
347should backup your database beforehand anyway.
348
349### Upgrading to 0.18.x
350
351RackTables from its version 0.18.0 and later is not compatible with RHEL/CentOS
352(at least with versions up to 5.5) Linux distributions in their default
353installation. There are yet options to work around that:
354
3551. Install RackTables on a server with a different distribution/OS.
3562. Request Linux distribution vendor to fix the bug with PCRE.
3573. Repair your RHEL/CentOS installation yourself by fixing its PCRE
358 RPM as explained [here](http://bugs.centos.org/view.php?id=3252)