genericAssertion(): fix a few minor issues
[racktables] / README.md
CommitLineData
2797f2c7
DO
1# Welcome!
2Thank you for selecting RackTables as your datacenter management solution!
3If you are looking for documentation or wish to send feedback, please
4look for the respective links at [project's web-site](http://racktables.org).
5
fde823aa
DO
6# How to install RackTables
7
8## 1. Prepare the server
9
27bac28f 10RackTables uses a web-server with PHP (5.5.0 or newer) for front-end and a
fde823aa
DO
11MySQL/MariaDB server version 5 for back-end. The most commonly used web-server
12for RackTables is Apache httpd.
13
14### 1.1. Install MySQL server
15
16| Distribution | How to do |
17| ------------------ | ----------------------------------------------------------------------- |
fde823aa
DO
18| Debian 6 | `aptitude install mysql-server-5.1` |
19| Debian 7 | `aptitude install mysql-server-5.1` |
20| Fedora 8-16 | `yum install mysql-server mysql` |
c2a49f7b 21| Fedora 23-26 | `dnf install mariadb-server mariadb` |
3425beb7 22| FreeBSD 10 | `pkg install mysql56-server` |
38fd042d 23| openSUSE 42.1 | `zypper install mysql-community-server` |
fde823aa
DO
24| Scientific Linux 6 | `yum install mysql-server mysql` |
25| Ubuntu 14.04 | `apt-get install mysql-server` |
a4b869c7 26| Ubuntu 16.04 | `apt-get install mysql-server` |
fde823aa
DO
27
28### 1.2. Enable Unicode in the MySQL server
29
30| Distribution | How to do |
31| ------------------ | ------------------------------------------------------------------------------------------------------------------ |
fde823aa
DO
32| Debian 6 | add `character-set-server=utf8` line to `[mysqld]` section of `/etc/mysql/my.cnf` file and restart mysqld |
33| Debian 7 | add `character-set-server=utf8` line to `[mysqld]` section of `/etc/mysql/my.cnf` file and restart mysqld |
34| Fedora 8-16 | add `character-set-server=utf8` line to `[mysqld]` section of `/etc/my.cnf` file and restart mysqld |
c2a49f7b 35| Fedora 23-26 | ```printf "[mysqld]\ncharacter-set-server=utf8\n" > /etc/my.cnf.d/mysqld-charset.cnf; systemctl restart mariadb``` |
38fd042d 36| openSUSE 42.1 | No action required, comes configured for UTF-8 by default. |
fde823aa
DO
37| Scientific Linux 6 | add `character-set-server=utf8` line to `[mysqld]` section of `/etc/my.cnf` file and restart mysqld |
38| Ubuntu 14.04 | ```printf "[mysqld]\ncharacter-set-server=utf8\n" > /etc/mysql/conf.d/charset.cnf; service mysql restart``` |
a4b869c7 39| Ubuntu 16.04 | ```printf "[mysqld]\ncharacter-set-server=utf8\n" > /etc/mysql/conf.d/charset.cnf; service mysql restart``` |
fde823aa
DO
40
41### 1.3. Install PHP and Apache httpd (or nginx)
42
43| Distribution | How to do |
44| ------------------ | ------------------------------------------------------------------------------------ |
fde823aa
DO
45| Debian 6 | `aptitude install libapache2-mod-php5 php5-gd php5-mysql php5-snmp` |
46| Debian 7 (nginx) | `aptitude install nginx php5-fpm` **(see note below)** |
d32867b3
DO
47| Fedora 8-16 | `yum install httpd php php-mysql php-pdo php-gd php-snmp php-mbstring php-bcmath` |
48| Fedora 23 | `dnf install httpd php php-mysql php-pdo php-gd php-snmp php-mbstring php-bcmath` |
c2a49f7b 49| Fedora 26 | `dnf install httpd php php-mysqlnd php-pdo php-gd php-snmp php-mbstring php-bcmath` |
3425beb7 50| FreeBSD 10 | see note 1.3.c |
38fd042d 51| openSUSE 42.1 | `zypper install apache2-mod_php5 php5-gd php5-mbstring php5-mysql php5-bcmath` |
fde823aa 52| Scientific Linux 6 | `yum install httpd php php-mysql php-pdo php-gd php-mbstring php-bcmath` |
d32867b3 53| Ubuntu 14.04 | `apt-get install apache2-bin libapache2-mod-php5 php5-gd php5-mysql php5-snmp` |
e5c4b20b 54| Ubuntu 16.04 | `apt-get install apache2-bin libapache2-mod-php7.0 php7.0-gd php7.0-mysql php7.0-mbstring php7.0-bcmath php7.0-json php7.0-snmp`
fde823aa
DO
55
56#### 1.3.a. Debian 7 with nginx
2797f2c7
DO
57Remember to adjust `server_name` in `server {}` section, otherwise your logout link
58will point to localhost (and thus fail).
d32264dc 59Notice that fpm.sock is advised, keep the rest on default configuration, or
2797f2c7
DO
60tweak to your needs. You may need to set `fastcgi_read_timeout 600;` if you use
61some external addons like fping, which may take some time in certain situations.
62Please note that setting aggresive caching for php scripts may result in stale
63content - so maximum of 60 seconds is advised, but by default it is not enabled.
64
44d5d40a 65#### 1.3.b. [redacted]
2797f2c7 66
44d5d40a 67#### 1.3.c. FreeBSD 10
3425beb7 68There are 3 different ways how you can install RackTables and its dependencies on FreeBSD.
69
44d5d40a 70######A. use pkg (Binary Package Management) (not always the newest version)
3425beb7 71```
72# pkg install racktables
73# pkg install mod_php56 mysql56-server
74```
44d5d40a 75As of March 2017 this will install RackTables Version 0.20.11 and its dependencies (php 5.6, mysql-server 5.6 and apache 2.4).
3425beb7 76
44d5d40a 77######B. use the ports system (possibly more recent than pkg)
3425beb7 78```
79# cd /usr/ports/sysutils/racktables
80# make install
81# pkg install mod_php56 mysql56-server
82```
44d5d40a 83As of March 2017 this will install RackTables Version 0.20.11 and build and install its dependencies (php 5.6, mysql-server 5.6 and apache 2.4).
3425beb7 84
44d5d40a 85######C. manual (newest version)
3425beb7 86Install dependencies with pkg:
87```
88# pkg install php70-bcmath php70-curl php70-filter php70-gd php70-gmp php70-json php70-mbstring php70-openssl php70-pdo php70-pdo_mysql php70-session php70-simplexml php70-snmp php70-sockets
510ae82b 89# pkg install mod_php70 mysql56-server
3425beb7 90```
91
44d5d40a 92unpack tar.gz/zip archive to `/usr/local/www`
3425beb7 93
22b1da4a 94symlink racktables dir
3425beb7 95```
96# cd /usr/local/www
97# ln -s RackTables-0.20.xx racktables
98```
99
100##### Common install steps
101Apache users should create a racktables.conf file under their apache
102Includes directory with the following contents:
103```
104AddType application/x-httpd-php .php
105AddType application/x-httpd-php-source .phps
106
107<Directory /usr/local/www/racktables/wwwroot>
108 DirectoryIndex index.php
109 Require all granted
110</Directory>
111Alias /racktables /usr/local/www/racktables/wwwroot
112```
113
114Start services:
115```
116#echo 'apache24_enable="YES"' >> /etc/rc.conf
117#service apache24 start
118
119#echo 'mysql_enable="YES"' >> /etc/rc.conf
120#service mysql-server start
121```
122
0ed66a4d 123Browse to http://address.to.your.server/racktables/index.php and follow the instructions.
3425beb7 124
44d5d40a 125Note: set `secret.php` permissions when prompted.
3425beb7 126```
127# chown www:www /usr/local/www/racktables/wwwroot/inc/secret.php
128# chmod 400 /usr/local/www/racktables/wwwroot/inc/secret.php
129```
130
131
fde823aa 132## 2. Copy the files
2797f2c7
DO
133Unpack the tar.gz/zip archive to a directory of your choice and configure Apache
134httpd to use `wwwroot` subdirectory as a new DocumentRoot. Alternatively,
135symlinks to `wwwroot` or even to `index.php` from an existing DocumentRoot are
35d895be 136also possible and often advisable (see `README.Fedora`).
2797f2c7 137
fde823aa 138## 3. Run the installer
2797f2c7
DO
139Open the configured RackTables URL and you will be prompted to configure
140and initialize the application.
141
8c5b4ba3
DO
142| Distribution | Apache httpd UID:GID | MySQL UNIX socket path |
143| --------------- | ----------------------- | -------------------------------- |
c2a49f7b 144| Fedora 23-26 | `apache:apache` | `/var/lib/mysql/mysql.sock` |
38fd042d 145| openSUSE 42.1 | `wwwrun:www` | `/var/run/mysql/mysql.sock` |
8c5b4ba3 146| Ubuntu 14.04 | `www-data:www-data` | `/var/run/mysqld/mysqld.sock` |
d1c79f04 147| Ubuntu 16.04 | `www-data:www-data` | `/var/run/mysqld/mysqld.sock` |
8c5b4ba3 148
fde823aa 149# How to upgrade RackTables
2797f2c7
DO
150
1510. **Backup your database** and check the release notes below before actually
152 starting the upgrade.
1531. Remove all existing files except configuration (the `inc/secret.php` file)
154 and local plugins (in the `plugins/` directory).
1552. Put the contents of the new tar.gz/zip archive into the place.
1563. Open the RackTables page in a browser. The software will detect version
157 mismatch and display a message telling to log in as admin to finish
158 the upgrade.
1594. Do that and report any errors to the bug tracker or the mailing list.
160
161## Release notes
162
011df355
AD
163### Upgrading to 0.21.0
164
27bac28f
DO
165From now on the minimum (oldest) release of PHP that can run RackTables is
1665.5.0.
167
011df355
AD
168This release introduces a new plugin architecture. If you experience issues
169after the upgrade, try disabling plugins.
2d78b612 170Refer to http://wiki.racktables.org/index.php/Plugins
011df355
AD
171for more information.
172
c5c39ee5
AA
173### Upgrading to 0.20.11
174
d40d136a 175New `IPV4_TREE_SHOW_UNALLOCATED` configuration option introduced to disable
c5c39ee5 176dsplaying unallocated networks in IPv4 space tree. Setting it also disables
e1e193fe 177the "knight" feature.
c5c39ee5 178
2797f2c7
DO
179### Upgrading to 0.20.7
180
181From now on the minimum (oldest) release of PHP that can run RackTables is
1825.2.10. In particular, to continue running RackTables on CentOS 5 it is
183necessary to replace its php* RPM packages with respective php53* packages
184before the upgrade (except the JSON package, which PHP 5.3 provides internally).
185
186Database triggers are used for some data consistency measures. The database
187user account must have the 'TRIGGER' privilege, which was introduced in
188MySQL 5.1.7.
189
d32264dc 190The `IPV4OBJ_LISTSRC` configuration option is reset to an expression that enables
2797f2c7
DO
191the IP addressing feature for all object types except those listed.
192
193Tags could now be assigned on the Edit/Properties tab using a text input with
194auto-completion. Type a star '*' to view full tag tree in auto-complete menu.
195It is worth to add the following line to the permissions script if the
196old-fashioned 'Tags' tab is not needed any more:
197```
198 deny {$tab_tags} # this hides 'Tags' tab
199```
200
201This release converts collation of all DB fields to the `utf8_unicode_ci`. This
202procedure may take some time, and could fail if there are rows that differ only
203by letter case. If this happen, you'll see the failed SQL query in upgrade report
204with the "Duplicate entry" error message. Feel free to continue using your
205installation. If desired so, you could eliminate the case-duplicating rows
206and re-apply the failed query.
207
208### Upgrading to 0.20.6
209
210New `MGMT_PROTOS` configuration option replaces the `TELNET_OBJS_LISTSRC`,
211`SSH_OBJS_LISTSRC` and `RDP_OBJS_LISTSRC` options (converting existing settings as
212necessary). `MGMT_PROTOS` allows to specify any management protocol for a
213particular device list using a RackCode filter. The default value
214(`ssh: {$typeid_4}, telnet: {$typeid_8}`) produces `ssh://server.fqdn` for
215servers and `telnet://switch.fqdn` for network switches.
216
217### Upgrading to 0.20.5
218
219This release introduces the VS groups feature. VS groups is a new way to store
220and display virtual services configuration. There is a new "ipvs" (VS group)
221realm. All previously existing VS configuration remains functional and user
222is free to convert it to the new format, which displays it in a more natural way
223and allows to generate virtual_server_group keepalived configs. To convert a
224virtual service to the new format, it is necessary to manually create a VS group
225object and assign IP addresses to it. The VS group will display a "Migrate" tab
226to convert the old-style VS objects, which can be removed after a successful
227conversion.
228
229The old-style VS configuration becomes **deprecated**. Its support will be removed
230in a future major release. So it is strongly recommended to convert it to the
231new format.
232
233### Upgrading to 0.20.4
234
235Please note that some dictionary items of Cisco Catalyst 2960 series switches
236were renamed to meet official Cisco classification:
237
238old name | new name
239------------|---------
2402960-48TT | 2960-48TT-L
2412960-24TC | 2960-24TC-L
2422960-24TT | 2960-24TT-L
2432960-8TC | 2960-8TC-L
2442960G-48TC | 2960G-48TC-L
2452960G-24TC | 2960G-24TC-L
2462960G-8TC | 2960G-8TC-L
247C2960-24 | C2960-24-S
248C2960G-24PC | C2960-24PC-L
249
250The `DATETIME_FORMAT` configuration option used in setting date and time output
251format now uses a [different](http://php.net/manual/en/function.strftime.php)
252syntax. During upgrade the option is reset to
253the default value, which is now %Y-%m-%d (YYYY-MM-DD) per ISO 8601.
254
255This release intoduces two new configuration options:
256`REVERSED_RACKS_LISTSRC` and `NEAREST_RACKS_CHECKBOX`.
257
258### Upgrading to 0.20.1
259
d32264dc 260The 0.20.0 release includes a bug that breaks IP networks' capacity displaying on
2797f2c7
DO
26132-bit architecture machines. To fix this, this release makes use of PHP's BC
262Math module. It is a new reqiurement. Most PHP distributions have this module
263already enabled, but if yours does not - you need yo recompile PHP.
264
265Security context of 'ipaddress' page now includes tags from the network
266containing an IP address. This means that you should audit your permission rules
267to check there is no unintended allows of changing IPs based on network's
268tagset. Example:
269```
270 allow {client network} and {New York}
271```
272This rule now not only allows any operation on NY client networks, but also any
273operation with IP addresses included in those networks. To fix this, you should
274change the rule this way:
275```
276 allow {client network} and {New York} and not {$page_ipaddress}
277```
278
279### Upgrading to 0.20.0
280
281WARNING: This release have too many internal changes, some of them were waiting
282more than a year to be released. So this release is considered "BETA" and is
283recommended only to curiuos users, who agree to sacrifice the stability to the
284progress.
285
286Racks and Rows are now stored in the database as Objects. The RackObject table
287was renamed to Object. SQL views were created to ease the migration of custom
288reports and scripts.
289
290New plugins engine instead of `local.php` file. To make your own code stored in
291`local.php` work, you must move the `local.php` file into the `plugins/` directory.
292The name of this file does not matter any more. You also can store multiple
293files in that dir, separate your plugins by features, share them and try the
294plugins from other people just placing them into `plugins/` dir, no more merging.
295
296* `$path_to_local_php` variable has no special meaning any more.
297* `$racktables_confdir` variable is now used only to search for `secret.php` file.
298* `$racktables_plugins_dir` is a new overridable special variable pointing to `plugins/` directory.
299
300Beginning with this version it is possible to delete IP prefixes, VLANs, Virtual
301services and RS pools from within theirs properties tab. So please inspect your
302permissions rules to assure there are no undesired allows for deletion of these
303objects. To ensure this, you could try this code in the beginning of permissions
304script:
305```
306allow {userid_1} and {$op_del}
307deny {$op_del} and ({$tab_edit} or {$tab_properties})
308```
309
310Hardware gateways engine was rewritten in this version of RackTables. This means
311that the file `gateways/deviceconfig/switch.secrets.php` is not used any more. To
312get information about configuring connection properties and credentials in a new
313way please read [this](http://wiki.racktables.org/index.php/Gateways).
314
315This also means that recently added features based on old API (D-Link switches
316and Linux gateway support contributed by Ilya Evseev) are not working any more
317and waiting to be forward-ported to new gateways API. Sorry for that.
318
319Two new config variables appeared in this version:
d32264dc 320 - `SEARCH_DOMAINS`. Comma-separated list of DNS domains that are considered
2797f2c7 321 "base" for your network. If RackTables search engine finds multiple objects
d32264dc 322 based on your search input, but there is only one that has FQDN consisting of
2797f2c7
DO
323 your input and one of these search domains, you will be redirected to this
324 object and other results will be discarded. Such behavior was unconditional
325 since 0.19.3, which caused many objections from users. So welcome this
326 config var.
327 - `QUICK_LINK_PAGES`. Comma-separated list of RackTables pages to display links
328 to them on top. Each user could have his own list.
329
330Also some of config variables have changed their default values in this version.
331This means that upgrade script will change their values if you have them in
332previous default state. This could be inconvenient, but it is the most effective
333way to encourage users to use new features. If this behavior is not what you
334want, simply revert these variables' values:
335
336variable | old | new | comment
337------------------------|-------------|-------|--------
338`SHOW_LAST_TAB` | no | yes
339`IPV4_TREE_SHOW_USAGE` | yes | no | Networks' usage is still available by click.
340`IPV4LB_LISTSRC` | {$typeid_4} | false
341`FILTER_DEFAULT_ANDOR` | or | and | This implicitly enables the feature of dynamic tree shrinking.
342`FILTER_SUGGEST_EXTRA` | no | yes | Yes, we have extra logical filters!
343`IPV4_TREE_RTR_AS_CELL` | yes | no | Display routers as simple text, not cell.
344
345Also please note that variable `IPV4_TREE_RTR_AS_CELL` now has third special value
346besides 'yes' and 'no': 'none'. Use 'none' value if you are experiencing low
347performance on IP tree page. It will completely disable IP ranges scan for
348used/spare IPs and the speed of IP tree will increase radically. The price is
349you will not see the routers in IP tree at all.