spell "natural" and "unsigned" in some more files
[racktables] / README.md
1 # Welcome!
2 Thank you for selecting RackTables as your datacenter management solution!
3 If you are looking for documentation or wish to send feedback, please
4 look for the respective links at [project's web-site](http://racktables.org).
5
6 # How to install RackTables
7
8 ## 1. Prepare the server
9
10 RackTables uses a web-server with PHP (5.5.0 or newer) for front-end and a
11 MySQL/MariaDB server version 5 for back-end. The most commonly used web-server
12 for RackTables is Apache httpd.
13
14 ### 1.1. Install MySQL server
15
16 | Distribution | How to do |
17 | ------------------ | ----------------------------------------------------------------------- |
18 | Debian 6 | `aptitude install mysql-server-5.1` |
19 | Debian 7 | `aptitude install mysql-server-5.1` |
20 | Fedora 8-16 | `yum install mysql-server mysql` |
21 | Fedora 23-26 | `dnf install mariadb-server mariadb` |
22 | FreeBSD 10 | `pkg install mysql56-server` |
23 | openSUSE 42.1 | `zypper install mysql-community-server` |
24 | Scientific Linux 6 | `yum install mysql-server mysql` |
25 | Ubuntu 14.04 | `apt-get install mysql-server` |
26 | Ubuntu 16.04 | `apt-get install mysql-server` |
27 | Ubuntu 18.04 | `apt-get install mysql-server` |
28
29 ### 1.2. Enable Unicode in the MySQL server
30
31 | Distribution | How to do |
32 | ------------------ | ------------------------------------------------------------------------------------------------------------------ |
33 | Debian 6 | add `character-set-server=utf8` line to `[mysqld]` section of `/etc/mysql/my.cnf` file and restart mysqld |
34 | Debian 7 | add `character-set-server=utf8` line to `[mysqld]` section of `/etc/mysql/my.cnf` file and restart mysqld |
35 | Fedora 8-16 | add `character-set-server=utf8` line to `[mysqld]` section of `/etc/my.cnf` file and restart mysqld |
36 | Fedora 23-26 | ```printf "[mysqld]\ncharacter-set-server=utf8\n" > /etc/my.cnf.d/mysqld-charset.cnf; systemctl restart mariadb``` |
37 | openSUSE 42.1 | No action required, comes configured for UTF-8 by default. |
38 | Scientific Linux 6 | add `character-set-server=utf8` line to `[mysqld]` section of `/etc/my.cnf` file and restart mysqld |
39 | Ubuntu 14.04 | ```printf "[mysqld]\ncharacter-set-server=utf8\n" > /etc/mysql/conf.d/charset.cnf; service mysql restart``` |
40 | Ubuntu 16.04 | ```printf "[mysqld]\ncharacter-set-server=utf8\n" > /etc/mysql/conf.d/charset.cnf; service mysql restart``` |
41 | Ubuntu 18.04 | ```printf "[mysqld]\ncharacter-set-server=utf8\n" > /etc/mysql/conf.d/charset.cnf; service mysql restart``` |
42
43 ### 1.3. Install PHP and Apache httpd (or nginx)
44
45 | Distribution | How to do |
46 | ------------------ | ------------------------------------------------------------------------------------ |
47 | Debian 6 | `aptitude install libapache2-mod-php5 php5-gd php5-mysql php5-snmp` |
48 | Debian 7 (nginx) | `aptitude install nginx php5-fpm` **(see note below)** |
49 | Fedora 8-16 | `yum install httpd php php-mysql php-pdo php-gd php-snmp php-mbstring php-bcmath` |
50 | Fedora 23 | `dnf install httpd php php-mysql php-pdo php-gd php-snmp php-mbstring php-bcmath` |
51 | Fedora 26 | `dnf install httpd php php-mysqlnd php-pdo php-gd php-snmp php-mbstring php-bcmath` |
52 | FreeBSD 10 | see note 1.3.c |
53 | openSUSE 42.1 | `zypper install apache2-mod_php5 php5-gd php5-mbstring php5-mysql php5-bcmath` |
54 | Scientific Linux 6 | `yum install httpd php php-mysql php-pdo php-gd php-mbstring php-bcmath` |
55 | Ubuntu 14.04 | `apt-get install apache2-bin libapache2-mod-php5 php5-gd php5-mysql php5-snmp` |
56 | Ubuntu 16.04 | `apt-get install apache2-bin libapache2-mod-php7.0 php7.0-gd php7.0-mysql php7.0-mbstring php7.0-bcmath php7.0-json php7.0-snmp`
57 | Ubuntu 18.04 | `apt-get install apache2-bin libapache2-mod-php7.2 php7.2-gd php7.2-mysql php7.2-mbstring php7.2-bcmath php7.2-json php7.2-snmp`
58
59 #### 1.3.a. Debian 7 with nginx
60 Remember to adjust `server_name` in `server {}` section, otherwise your logout link
61 will point to localhost (and thus fail).
62 Notice that fpm.sock is advised, keep the rest on default configuration, or
63 tweak to your needs. You may need to set `fastcgi_read_timeout 600;` if you use
64 some external addons like fping, which may take some time in certain situations.
65 Please note that setting aggresive caching for php scripts may result in stale
66 content - so maximum of 60 seconds is advised, but by default it is not enabled.
67
68 #### 1.3.b. [redacted]
69
70 #### 1.3.c. FreeBSD 10
71 There are 3 different ways how you can install RackTables and its dependencies on FreeBSD.
72
73 ######A. use pkg (Binary Package Management) (not always the newest version)
74 ```
75 # pkg install racktables
76 # pkg install mod_php56 mysql56-server
77 ```
78 As of March 2017 this will install RackTables Version 0.20.11 and its dependencies (php 5.6, mysql-server 5.6 and apache 2.4).
79
80 ######B. use the ports system (possibly more recent than pkg)
81 ```
82 # cd /usr/ports/sysutils/racktables
83 # make install
84 # pkg install mod_php56 mysql56-server
85 ```
86 As of March 2017 this will install RackTables Version 0.20.11 and build and install its dependencies (php 5.6, mysql-server 5.6 and apache 2.4).
87
88 ######C. manual (newest version)
89 Install dependencies with pkg:
90 ```
91 # pkg install php70-bcmath php70-curl php70-filter php70-gd php70-gmp php70-json php70-mbstring php70-openssl php70-pdo php70-pdo_mysql php70-session php70-simplexml php70-snmp php70-sockets
92 # pkg install mod_php70 mysql56-server
93 ```
94
95 unpack tar.gz/zip archive to `/usr/local/www`
96
97 symlink racktables dir
98 ```
99 # cd /usr/local/www
100 # ln -s RackTables-0.20.xx racktables
101 ```
102
103 ##### Common install steps
104 Apache users should create a racktables.conf file under their apache
105 Includes directory with the following contents:
106 ```
107 AddType application/x-httpd-php .php
108 AddType application/x-httpd-php-source .phps
109
110 <Directory /usr/local/www/racktables/wwwroot>
111 DirectoryIndex index.php
112 Require all granted
113 </Directory>
114 Alias /racktables /usr/local/www/racktables/wwwroot
115 ```
116
117 Start services:
118 ```
119 #echo 'apache24_enable="YES"' >> /etc/rc.conf
120 #service apache24 start
121
122 #echo 'mysql_enable="YES"' >> /etc/rc.conf
123 #service mysql-server start
124 ```
125
126 Browse to http://address.to.your.server/racktables/index.php and follow the instructions.
127
128 Note: set `secret.php` permissions when prompted.
129 ```
130 # chown www:www /usr/local/www/racktables/wwwroot/inc/secret.php
131 # chmod 400 /usr/local/www/racktables/wwwroot/inc/secret.php
132 ```
133
134
135 ## 2. Copy the files
136 Unpack the tar.gz/zip archive to a directory of your choice and configure Apache
137 httpd to use `wwwroot` subdirectory as a new DocumentRoot. Alternatively,
138 symlinks to `wwwroot` or even to `index.php` from an existing DocumentRoot are
139 also possible and often advisable (see `README.Fedora`).
140
141 ## 3. Run the installer
142 Open the configured RackTables URL and you will be prompted to configure
143 and initialize the application.
144
145 | Distribution | Apache httpd UID:GID | MySQL UNIX socket path |
146 | --------------- | ----------------------- | -------------------------------- |
147 | Fedora 23-26 | `apache:apache` | `/var/lib/mysql/mysql.sock` |
148 | openSUSE 42.1 | `wwwrun:www` | `/var/run/mysql/mysql.sock` |
149 | Ubuntu 14.04 | `www-data:www-data` | `/var/run/mysqld/mysqld.sock` |
150 | Ubuntu 16.04 | `www-data:www-data` | `/var/run/mysqld/mysqld.sock` |
151 | Ubuntu 18.04 | `www-data:www-data` | `/var/run/mysqld/mysqld.sock` |
152
153 # How to upgrade RackTables
154
155 0. **Backup your database** and check the release notes below before actually
156 starting the upgrade.
157 1. Remove all existing files except configuration (the `inc/secret.php` file)
158 and local plugins (in the `plugins/` directory).
159 2. Put the contents of the new tar.gz/zip archive into the place.
160 3. Open the RackTables page in a browser. The software will detect version
161 mismatch and display a message telling to log in as admin to finish
162 the upgrade.
163 4. Do that and report any errors to the bug tracker or the mailing list.
164
165 ## Release notes
166
167 ### Upgrading to 0.21.0
168
169 From now on the minimum (oldest) release of PHP that can run RackTables is
170 5.5.0.
171
172 This release introduces a new plugin architecture. If you experience issues
173 after the upgrade, try disabling plugins.
174 Refer to http://wiki.racktables.org/index.php/Plugins
175 for more information.
176
177 ### Upgrading to 0.20.11
178
179 New `IPV4_TREE_SHOW_UNALLOCATED` configuration option introduced to disable
180 dsplaying unallocated networks in IPv4 space tree. Setting it also disables
181 the "knight" feature.
182
183 ### Upgrading to 0.20.7
184
185 From now on the minimum (oldest) release of PHP that can run RackTables is
186 5.2.10. In particular, to continue running RackTables on CentOS 5 it is
187 necessary to replace its php* RPM packages with respective php53* packages
188 before the upgrade (except the JSON package, which PHP 5.3 provides internally).
189
190 Database triggers are used for some data consistency measures. The database
191 user account must have the 'TRIGGER' privilege, which was introduced in
192 MySQL 5.1.7.
193
194 The `IPV4OBJ_LISTSRC` configuration option is reset to an expression that enables
195 the IP addressing feature for all object types except those listed.
196
197 Tags could now be assigned on the Edit/Properties tab using a text input with
198 auto-completion. Type a star '*' to view full tag tree in auto-complete menu.
199 It is worth to add the following line to the permissions script if the
200 old-fashioned 'Tags' tab is not needed any more:
201 ```
202 deny {$tab_tags} # this hides 'Tags' tab
203 ```
204
205 This release converts collation of all DB fields to the `utf8_unicode_ci`. This
206 procedure may take some time, and could fail if there are rows that differ only
207 by letter case. If this happen, you'll see the failed SQL query in upgrade report
208 with the "Duplicate entry" error message. Feel free to continue using your
209 installation. If desired so, you could eliminate the case-duplicating rows
210 and re-apply the failed query.
211
212 ### Upgrading to 0.20.6
213
214 New `MGMT_PROTOS` configuration option replaces the `TELNET_OBJS_LISTSRC`,
215 `SSH_OBJS_LISTSRC` and `RDP_OBJS_LISTSRC` options (converting existing settings as
216 necessary). `MGMT_PROTOS` allows to specify any management protocol for a
217 particular device list using a RackCode filter. The default value
218 (`ssh: {$typeid_4}, telnet: {$typeid_8}`) produces `ssh://server.fqdn` for
219 servers and `telnet://switch.fqdn` for network switches.
220
221 ### Upgrading to 0.20.5
222
223 This release introduces the VS groups feature. VS groups is a new way to store
224 and display virtual services configuration. There is a new "ipvs" (VS group)
225 realm. All previously existing VS configuration remains functional and user
226 is free to convert it to the new format, which displays it in a more natural way
227 and allows to generate virtual_server_group keepalived configs. To convert a
228 virtual service to the new format, it is necessary to manually create a VS group
229 object and assign IP addresses to it. The VS group will display a "Migrate" tab
230 to convert the old-style VS objects, which can be removed after a successful
231 conversion.
232
233 The old-style VS configuration becomes **deprecated**. Its support will be removed
234 in a future major release. So it is strongly recommended to convert it to the
235 new format.
236
237 ### Upgrading to 0.20.4
238
239 Please note that some dictionary items of Cisco Catalyst 2960 series switches
240 were renamed to meet official Cisco classification:
241
242 old name | new name
243 ------------|---------
244 2960-48TT | 2960-48TT-L
245 2960-24TC | 2960-24TC-L
246 2960-24TT | 2960-24TT-L
247 2960-8TC | 2960-8TC-L
248 2960G-48TC | 2960G-48TC-L
249 2960G-24TC | 2960G-24TC-L
250 2960G-8TC | 2960G-8TC-L
251 C2960-24 | C2960-24-S
252 C2960G-24PC | C2960-24PC-L
253
254 The `DATETIME_FORMAT` configuration option used in setting date and time output
255 format now uses a [different](http://php.net/manual/en/function.strftime.php)
256 syntax. During upgrade the option is reset to
257 the default value, which is now %Y-%m-%d (YYYY-MM-DD) per ISO 8601.
258
259 This release intoduces two new configuration options:
260 `REVERSED_RACKS_LISTSRC` and `NEAREST_RACKS_CHECKBOX`.
261
262 ### Upgrading to 0.20.1
263
264 The 0.20.0 release includes a bug that breaks IP networks' capacity displaying on
265 32-bit architecture machines. To fix this, this release makes use of PHP's BC
266 Math module. It is a new reqiurement. Most PHP distributions have this module
267 already enabled, but if yours does not - you need yo recompile PHP.
268
269 Security context of 'ipaddress' page now includes tags from the network
270 containing an IP address. This means that you should audit your permission rules
271 to check there is no unintended allows of changing IPs based on network's
272 tagset. Example:
273 ```
274 allow {client network} and {New York}
275 ```
276 This rule now not only allows any operation on NY client networks, but also any
277 operation with IP addresses included in those networks. To fix this, you should
278 change the rule this way:
279 ```
280 allow {client network} and {New York} and not {$page_ipaddress}
281 ```
282
283 ### Upgrading to 0.20.0
284
285 WARNING: This release have too many internal changes, some of them were waiting
286 more than a year to be released. So this release is considered "BETA" and is
287 recommended only to curiuos users, who agree to sacrifice the stability to the
288 progress.
289
290 Racks and Rows are now stored in the database as Objects. The RackObject table
291 was renamed to Object. SQL views were created to ease the migration of custom
292 reports and scripts.
293
294 New plugins engine instead of `local.php` file. To make your own code stored in
295 `local.php` work, you must move the `local.php` file into the `plugins/` directory.
296 The name of this file does not matter any more. You also can store multiple
297 files in that dir, separate your plugins by features, share them and try the
298 plugins from other people just placing them into `plugins/` dir, no more merging.
299
300 * `$path_to_local_php` variable has no special meaning any more.
301 * `$racktables_confdir` variable is now used only to search for `secret.php` file.
302 * `$racktables_plugins_dir` is a new overridable special variable pointing to `plugins/` directory.
303
304 Beginning with this version it is possible to delete IP prefixes, VLANs, Virtual
305 services and RS pools from within theirs properties tab. So please inspect your
306 permissions rules to assure there are no undesired allows for deletion of these
307 objects. To ensure this, you could try this code in the beginning of permissions
308 script:
309 ```
310 allow {userid_1} and {$op_del}
311 deny {$op_del} and ({$tab_edit} or {$tab_properties})
312 ```
313
314 Hardware gateways engine was rewritten in this version of RackTables. This means
315 that the file `gateways/deviceconfig/switch.secrets.php` is not used any more. To
316 get information about configuring connection properties and credentials in a new
317 way please read [this](http://wiki.racktables.org/index.php/Gateways).
318
319 This also means that recently added features based on old API (D-Link switches
320 and Linux gateway support contributed by Ilya Evseev) are not working any more
321 and waiting to be forward-ported to new gateways API. Sorry for that.
322
323 Two new config variables appeared in this version:
324 - `SEARCH_DOMAINS`. Comma-separated list of DNS domains that are considered
325 "base" for your network. If RackTables search engine finds multiple objects
326 based on your search input, but there is only one that has FQDN consisting of
327 your input and one of these search domains, you will be redirected to this
328 object and other results will be discarded. Such behavior was unconditional
329 since 0.19.3, which caused many objections from users. So welcome this
330 config var.
331 - `QUICK_LINK_PAGES`. Comma-separated list of RackTables pages to display links
332 to them on top. Each user could have his own list.
333
334 Also some of config variables have changed their default values in this version.
335 This means that upgrade script will change their values if you have them in
336 previous default state. This could be inconvenient, but it is the most effective
337 way to encourage users to use new features. If this behavior is not what you
338 want, simply revert these variables' values:
339
340 variable | old | new | comment
341 ------------------------|-------------|-------|--------
342 `SHOW_LAST_TAB` | no | yes
343 `IPV4_TREE_SHOW_USAGE` | yes | no | Networks' usage is still available by click.
344 `IPV4LB_LISTSRC` | {$typeid_4} | false
345 `FILTER_DEFAULT_ANDOR` | or | and | This implicitly enables the feature of dynamic tree shrinking.
346 `FILTER_SUGGEST_EXTRA` | no | yes | Yes, we have extra logical filters!
347 `IPV4_TREE_RTR_AS_CELL` | yes | no | Display routers as simple text, not cell.
348
349 Also please note that variable `IPV4_TREE_RTR_AS_CELL` now has third special value
350 besides 'yes' and 'no': 'none'. Use 'none' value if you are experiencing low
351 performance on IP tree page. It will completely disable IP ranges scan for
352 used/spare IPs and the speed of IP tree will increase radically. The price is
353 you will not see the routers in IP tree at all.