Edge-Core had the product discontinued
[racktables] / README.md
1 # Welcome!
2 Thank you for selecting RackTables as your datacenter management solution!
3 If you are looking for documentation or wish to send feedback, please
4 look for the respective links at [project's web-site](http://racktables.org).
5
6 # How to install RackTables
7
8 ## 1. Prepare the server
9
10 RackTables uses a web-server with PHP (5.2.10 or newer) for front-end and a
11 MySQL/MariaDB server version 5 for back-end. The most commonly used web-server
12 for RackTables is Apache httpd.
13
14 ### 1.1. Install MySQL server
15
16 | Distribution | How to do |
17 | ------------------ | ----------------------------------------------------------------------- |
18 | Debian 6 | `aptitude install mysql-server-5.1` |
19 | Debian 7 | `aptitude install mysql-server-5.1` |
20 | Fedora 8-16 | `yum install mysql-server mysql` |
21 | Fedora 23 | `dnf install mariadb-server mariadb` |
22 | FreeBSD 10 | `pkg install mysql56-server` |
23 | openSUSE 42.1 | `zypper install mysql-community-server` |
24 | Scientific Linux 6 | `yum install mysql-server mysql` |
25 | Ubuntu 14.04 | `apt-get install mysql-server` |
26 | Ubuntu 16.04 | `apt-get install mysql-server` |
27
28 ### 1.2. Enable Unicode in the MySQL server
29
30 | Distribution | How to do |
31 | ------------------ | ------------------------------------------------------------------------------------------------------------------ |
32 | Debian 6 | add `character-set-server=utf8` line to `[mysqld]` section of `/etc/mysql/my.cnf` file and restart mysqld |
33 | Debian 7 | add `character-set-server=utf8` line to `[mysqld]` section of `/etc/mysql/my.cnf` file and restart mysqld |
34 | Fedora 8-16 | add `character-set-server=utf8` line to `[mysqld]` section of `/etc/my.cnf` file and restart mysqld |
35 | Fedora 23 | ```printf "[mysqld]\ncharacter-set-server=utf8\n" > /etc/my.cnf.d/mysqld-charset.cnf; systemctl restart mariadb``` |
36 | openSUSE 42.1 | No action required, comes configured for UTF-8 by default. |
37 | Scientific Linux 6 | add `character-set-server=utf8` line to `[mysqld]` section of `/etc/my.cnf` file and restart mysqld |
38 | Ubuntu 14.04 | ```printf "[mysqld]\ncharacter-set-server=utf8\n" > /etc/mysql/conf.d/charset.cnf; service mysql restart``` |
39 | Ubuntu 16.04 | ```printf "[mysqld]\ncharacter-set-server=utf8\n" > /etc/mysql/conf.d/charset.cnf; service mysql restart``` |
40
41 ### 1.3. Install PHP and Apache httpd (or nginx)
42
43 | Distribution | How to do |
44 | ------------------ | ------------------------------------------------------------------------------------ |
45 | Debian 6 | `aptitude install libapache2-mod-php5 php5-gd php5-mysql php5-snmp` |
46 | Debian 7 (nginx) | `aptitude install nginx php5-fpm` **(see note below)** |
47 | Fedora 8-16 | `yum install httpd php php-mysql php-pdo php-gd php-snmp php-mbstring php-bcmath` |
48 | Fedora 23 | `dnf install httpd php php-mysql php-pdo php-gd php-snmp php-mbstring php-bcmath` |
49 | FreeBSD 10 | see note 1.3.c |
50 | openSUSE 42.1 | `zypper install apache2-mod_php5 php5-gd php5-mbstring php5-mysql php5-bcmath` |
51 | Scientific Linux 6 | `yum install httpd php php-mysql php-pdo php-gd php-mbstring php-bcmath` |
52 | Ubuntu 14.04 | `apt-get install apache2-bin libapache2-mod-php5 php5-gd php5-mysql php5-snmp` |
53 | Ubuntu 16.04 | `apt-get install apache2-bin libapache2-mod-php7.0 php7.0-gd php7.0-mysql php7.0-mbstring php7.0-bcmath php7.0-json php7.0-snmp`
54
55 #### 1.3.a. Debian 7 with nginx
56 Remember to adjust `server_name` in `server {}` section, otherwise your logout link
57 will point to localhost (and thus fail).
58 Notice, that fpm.sock is advised, keep the rest on default configuration, or
59 tweak to your needs. You may need to set `fastcgi_read_timeout 600;` if you use
60 some external addons like fping, which may take some time in certain situations.
61 Please note that setting aggresive caching for php scripts may result in stale
62 content - so maximum of 60 seconds is advised, but by default it is not enabled.
63
64 #### 1.3.b. [redacted]
65
66 #### 1.3.c. FreeBSD 10
67 There are 3 different ways how you can install RackTables and its dependencies on FreeBSD.
68
69 ######A. use pkg (Binary Package Management) (not always the newest version)
70 ```
71 # pkg install racktables
72 # pkg install mod_php56 mysql56-server
73 ```
74 As of March 2017 this will install RackTables Version 0.20.11 and its dependencies (php 5.6, mysql-server 5.6 and apache 2.4).
75
76 ######B. use the ports system (possibly more recent than pkg)
77 ```
78 # cd /usr/ports/sysutils/racktables
79 # make install
80 # pkg install mod_php56 mysql56-server
81 ```
82 As of March 2017 this will install RackTables Version 0.20.11 and build and install its dependencies (php 5.6, mysql-server 5.6 and apache 2.4).
83
84 ######C. manual (newest version)
85 Install dependencies with pkg:
86 ```
87 # pkg install php70-bcmath php70-curl php70-filter php70-gd php70-gmp php70-json php70-mbstring php70-openssl php70-pdo php70-pdo_mysql php70-session php70-simplexml php70-snmp php70-sockets
88 # pkg install mod_php70 mysql56-server
89 ```
90
91 unpack tar.gz/zip archive to `/usr/local/www`
92
93 symblink racktables dir
94 ```
95 # cd /usr/local/www
96 # ln -s RackTables-0.20.xx racktables
97 ```
98
99 ##### Common install steps
100 Apache users should create a racktables.conf file under their apache
101 Includes directory with the following contents:
102 ```
103 AddType application/x-httpd-php .php
104 AddType application/x-httpd-php-source .phps
105
106 <Directory /usr/local/www/racktables/wwwroot>
107 DirectoryIndex index.php
108 Require all granted
109 </Directory>
110 Alias /racktables /usr/local/www/racktables/wwwroot
111 ```
112
113 Start services:
114 ```
115 #echo 'apache24_enable="YES"' >> /etc/rc.conf
116 #service apache24 start
117
118 #echo 'mysql_enable="YES"' >> /etc/rc.conf
119 #service mysql-server start
120 ```
121
122 Browse to http://address.to.your.server/racktables/index.php and follow the instructions.
123
124 Note: set `secret.php` permissions when prompted.
125 ```
126 # chown www:www /usr/local/www/racktables/wwwroot/inc/secret.php
127 # chmod 400 /usr/local/www/racktables/wwwroot/inc/secret.php
128 ```
129
130
131 ## 2. Copy the files
132 Unpack the tar.gz/zip archive to a directory of your choice and configure Apache
133 httpd to use `wwwroot` subdirectory as a new DocumentRoot. Alternatively,
134 symlinks to `wwwroot` or even to `index.php` from an existing DocumentRoot are
135 also possible and often adisable (see `README.Fedora`).
136
137 ## 3. Run the installer
138 Open the configured RackTables URL and you will be prompted to configure
139 and initialize the application.
140
141 | Distribution | Apache httpd UID:GID | MySQL UNIX socket path |
142 | --------------- | ----------------------- | -------------------------------- |
143 | Fedora 23 | `apache:apache` | `/var/lib/mysql/mysql.sock` |
144 | openSUSE 42.1 | `wwwrun:www` | `/var/run/mysql/mysql.sock` |
145 | Ubuntu 14.04 | `www-data:www-data` | `/var/run/mysqld/mysqld.sock` |
146 | Ubuntu 16.04 | `www-data:www-data` | `/var/run/mysqld/mysqld.sock` |
147
148 # How to upgrade RackTables
149
150 0. **Backup your database** and check the release notes below before actually
151 starting the upgrade.
152 1. Remove all existing files except configuration (the `inc/secret.php` file)
153 and local plugins (in the `plugins/` directory).
154 2. Put the contents of the new tar.gz/zip archive into the place.
155 3. Open the RackTables page in a browser. The software will detect version
156 mismatch and display a message telling to log in as admin to finish
157 the upgrade.
158 4. Do that and report any errors to the bug tracker or the mailing list.
159
160 ## Release notes
161
162 ### Upgrading to 0.20.11
163
164 New `IPV4_TREE_SHOW_UNALLOCATED` configuration option introduced to disable
165 dsplaying unallocated networks in IPv4 space tree. Setting it also disables
166 the "knight" feature.
167
168 ### Upgrading to 0.20.7
169
170 From now on the minimum (oldest) release of PHP that can run RackTables is
171 5.2.10. In particular, to continue running RackTables on CentOS 5 it is
172 necessary to replace its php* RPM packages with respective php53* packages
173 before the upgrade (except the JSON package, which PHP 5.3 provides internally).
174
175 Database triggers are used for some data consistency measures. The database
176 user account must have the 'TRIGGER' privilege, which was introduced in
177 MySQL 5.1.7.
178
179 The `IPV4OBJ_LISTSRC` configuration option is reset to an expression which enables
180 the IP addressing feature for all object types except those listed.
181
182 Tags could now be assigned on the Edit/Properties tab using a text input with
183 auto-completion. Type a star '*' to view full tag tree in auto-complete menu.
184 It is worth to add the following line to the permissions script if the
185 old-fashioned 'Tags' tab is not needed any more:
186 ```
187 deny {$tab_tags} # this hides 'Tags' tab
188 ```
189
190 This release converts collation of all DB fields to the `utf8_unicode_ci`. This
191 procedure may take some time, and could fail if there are rows that differ only
192 by letter case. If this happen, you'll see the failed SQL query in upgrade report
193 with the "Duplicate entry" error message. Feel free to continue using your
194 installation. If desired so, you could eliminate the case-duplicating rows
195 and re-apply the failed query.
196
197 ### Upgrading to 0.20.6
198
199 New `MGMT_PROTOS` configuration option replaces the `TELNET_OBJS_LISTSRC`,
200 `SSH_OBJS_LISTSRC` and `RDP_OBJS_LISTSRC` options (converting existing settings as
201 necessary). `MGMT_PROTOS` allows to specify any management protocol for a
202 particular device list using a RackCode filter. The default value
203 (`ssh: {$typeid_4}, telnet: {$typeid_8}`) produces `ssh://server.fqdn` for
204 servers and `telnet://switch.fqdn` for network switches.
205
206 ### Upgrading to 0.20.5
207
208 This release introduces the VS groups feature. VS groups is a new way to store
209 and display virtual services configuration. There is a new "ipvs" (VS group)
210 realm. All previously existing VS configuration remains functional and user
211 is free to convert it to the new format, which displays it in a more natural way
212 and allows to generate virtual_server_group keepalived configs. To convert a
213 virtual service to the new format, it is necessary to manually create a VS group
214 object and assign IP addresses to it. The VS group will display a "Migrate" tab
215 to convert the old-style VS objects, which can be removed after a successful
216 conversion.
217
218 The old-style VS configuration becomes **deprecated**. Its support will be removed
219 in a future major release. So it is strongly recommended to convert it to the
220 new format.
221
222 ### Upgrading to 0.20.4
223
224 Please note that some dictionary items of Cisco Catalyst 2960 series switches
225 were renamed to meet official Cisco classification:
226
227 old name | new name
228 ------------|---------
229 2960-48TT | 2960-48TT-L
230 2960-24TC | 2960-24TC-L
231 2960-24TT | 2960-24TT-L
232 2960-8TC | 2960-8TC-L
233 2960G-48TC | 2960G-48TC-L
234 2960G-24TC | 2960G-24TC-L
235 2960G-8TC | 2960G-8TC-L
236 C2960-24 | C2960-24-S
237 C2960G-24PC | C2960-24PC-L
238
239 The `DATETIME_FORMAT` configuration option used in setting date and time output
240 format now uses a [different](http://php.net/manual/en/function.strftime.php)
241 syntax. During upgrade the option is reset to
242 the default value, which is now %Y-%m-%d (YYYY-MM-DD) per ISO 8601.
243
244 This release intoduces two new configuration options:
245 `REVERSED_RACKS_LISTSRC` and `NEAREST_RACKS_CHECKBOX`.
246
247 ### Upgrading to 0.20.1
248
249 The 0.20.0 release includes bug which breaks IP networks' capacity displaying on
250 32-bit architecture machines. To fix this, this release makes use of PHP's BC
251 Math module. It is a new reqiurement. Most PHP distributions have this module
252 already enabled, but if yours does not - you need yo recompile PHP.
253
254 Security context of 'ipaddress' page now includes tags from the network
255 containing an IP address. This means that you should audit your permission rules
256 to check there is no unintended allows of changing IPs based on network's
257 tagset. Example:
258 ```
259 allow {client network} and {New York}
260 ```
261 This rule now not only allows any operation on NY client networks, but also any
262 operation with IP addresses included in those networks. To fix this, you should
263 change the rule this way:
264 ```
265 allow {client network} and {New York} and not {$page_ipaddress}
266 ```
267
268 ### Upgrading to 0.20.0
269
270 WARNING: This release have too many internal changes, some of them were waiting
271 more than a year to be released. So this release is considered "BETA" and is
272 recommended only to curiuos users, who agree to sacrifice the stability to the
273 progress.
274
275 Racks and Rows are now stored in the database as Objects. The RackObject table
276 was renamed to Object. SQL views were created to ease the migration of custom
277 reports and scripts.
278
279 New plugins engine instead of `local.php` file. To make your own code stored in
280 `local.php` work, you must move the `local.php` file into the `plugins/` directory.
281 The name of this file does not matter any more. You also can store multiple
282 files in that dir, separate your plugins by features, share them and try the
283 plugins from other people just placing them into `plugins/` dir, no more merging.
284
285 * `$path_to_local_php` variable has no special meaning any more.
286 * `$racktables_confdir` variable is now used only to search for `secret.php` file.
287 * `$racktables_plugins_dir` is a new overridable special variable pointing to `plugins/` directory.
288
289 Beginning with this version it is possible to delete IP prefixes, VLANs, Virtual
290 services and RS pools from within theirs properties tab. So please inspect your
291 permissions rules to assure there are no undesired allows for deletion of these
292 objects. To ensure this, you could try this code in the beginning of permissions
293 script:
294 ```
295 allow {userid_1} and {$op_del}
296 deny {$op_del} and ({$tab_edit} or {$tab_properties})
297 ```
298
299 Hardware gateways engine was rewritten in this version of RackTables. This means
300 that the file `gateways/deviceconfig/switch.secrets.php` is not used any more. To
301 get information about configuring connection properties and credentials in a new
302 way please read [this](http://wiki.racktables.org/index.php/Gateways).
303
304 This also means that recently added features based on old API (D-Link switches
305 and Linux gateway support contributed by Ilya Evseev) are not working any more
306 and waiting to be forward-ported to new gateways API. Sorry for that.
307
308 Two new config variables appeared in this version:
309 - `SEARCH_DOMAINS`. Comma-separated list of DNS domains which are considered
310 "base" for your network. If RackTables search engine finds multiple objects
311 based on your search input, but there is only one which FQDN consists of
312 your input and one of these search domains, you will be redirected to this
313 object and other results will be discarded. Such behavior was unconditional
314 since 0.19.3, which caused many objections from users. So welcome this
315 config var.
316 - `QUICK_LINK_PAGES`. Comma-separated list of RackTables pages to display links
317 to them on top. Each user could have his own list.
318
319 Also some of config variables have changed their default values in this version.
320 This means that upgrade script will change their values if you have them in
321 previous default state. This could be inconvenient, but it is the most effective
322 way to encourage users to use new features. If this behavior is not what you
323 want, simply revert these variables' values:
324
325 variable | old | new | comment
326 ------------------------|-------------|-------|--------
327 `SHOW_LAST_TAB` | no | yes
328 `IPV4_TREE_SHOW_USAGE` | yes | no | Networks' usage is still available by click.
329 `IPV4LB_LISTSRC` | {$typeid_4} | false
330 `FILTER_DEFAULT_ANDOR` | or | and | This implicitly enables the feature of dynamic tree shrinking.
331 `FILTER_SUGGEST_EXTRA` | no | yes | Yes, we have extra logical filters!
332 `IPV4_TREE_RTR_AS_CELL` | yes | no | Display routers as simple text, not cell.
333
334 Also please note that variable `IPV4_TREE_RTR_AS_CELL` now has third special value
335 besides 'yes' and 'no': 'none'. Use 'none' value if you are experiencing low
336 performance on IP tree page. It will completely disable IP ranges scan for
337 used/spare IPs and the speed of IP tree will increase radically. The price is
338 you will not see the routers in IP tree at all.