Homer

Homer on CentOS 8

This post is a detailed guide to installing Homer on CentOS 8.

You probably already know that Homer is a very versatile system that makes analysis and debugging work (IP packet capture) simple and intuitive. Kolmisoft adopted it some time ago for its support work on MOR and M2, and it is highly recommended.

Read on to see how putting a Homer (not the one in the picture) on your system can be a great help.

Installing Homer

Homer can be installed in several different configurations. We will go with the following:

Update the system

dnf update

If any updates were installed, reboot the system:

reboot

Disable SELinux

setenforce 0
echo -e "SELINUX=disabled\nSELINUXTYPE=targeted" > /etc/selinux/config

Synchronize the time

dnf -y install chrony ntpstat
systemctl enable chronyd
systemctl start chronyd

Next, set the time zone:

timedatectl set-timezone Europe/London

Install the packages

dnf -y install wireshark-cli net-tools wget firewalld tar sqlite

Start the firewall

systemctl start firewalld
systemctl enable firewalld

Install and configure Prometheus

cd /usr/src/
wget https://github.com/prometheus/prometheus/releases/download/v2.22.0/prometheus-2.22.0.linux-amd64.tar.gz
tar -xzvf prometheus-2.22.0.linux-amd64.tar.gz
mv prometheus-2.22.0.linux-amd64/ prometheus/

mkdir /home/prometheus
mv /usr/src/prometheus /home/prometheus/prometheus

cd /etc/systemd/system/
touch prometheus.service

Run all of these lines at once, up to the EOF:

cat << 'EOF' > /etc/systemd/system/prometheus.service

[Unit]
Description=Prometheus Server
Documentation=https://prometheus.io/docs/introduction/overview/
After=network-online.target

[Service]
User=root
Restart=on-failure

ExecStart=/home/prometheus/prometheus/prometheus \
--config.file=/home/prometheus/prometheus/prometheus.yml \
--storage.tsdb.path=/home/prometheus/prometheus/data

[Install]
WantedBy=multi-user.target

EOF

/bin/systemctl enable prometheus
mkdir -p /etc/prometheus
ln -s /home/prometheus/prometheus/prometheus.yml /etc/prometheus/prometheus.yml

echo "  - job_name: 'heplify-server'" >> /etc/prometheus/prometheus.yml
echo "    scrape_interval: 5s" >> /etc/prometheus/prometheus.yml
echo "    static_configs:" >> /etc/prometheus/prometheus.yml
echo "    - targets: [':::9096']" >> /etc/prometheus/prometheus.yml
service prometheus restart

Check that it is running:

systemctl is-active prometheus.service

or

netstat -plntu | grep prometheus

Install and configure Grafana

yum -y install initscripts urw-fonts fontconfig freetype*
cd /usr/src/
wget https://dl.grafana.com/oss/release/grafana-7.2.2-1.x86_64.rpm
yum -y localinstall grafana-7.2.2-1.x86_64.rpm

/bin/systemctl daemon-reload
/bin/systemctl enable grafana-server.service
/bin/systemctl start grafana-server.service

Run all of these lines at once, up to the EOF:

cat << EOF | sqlite3 /var/lib/grafana/grafana.db || echo "Failed to add data source."
INSERT INTO data_source VALUES (2,1,0,'prometheus','Prometheus','proxy','http://localhost:9090',NULL,NULL,NULL,0,NULL,NULL,1,'{"httpMethod":"GET","keepCookies":[]}','2017-01-15 20:00:00','2017-01-15 20:00:00',0,'{}',NULL,1);
EOF

Open access from outside:

firewall-cmd --add-port=3000/tcp --permanent
firewall-cmd --reload

Verify that the service is active:

systemctl is-active grafana-server.service
 

Install the preconfigured Grafana dashboard from https://github.com/sipcapture/homer-docker/tree/master/heplify-server/hom7-hep-prom-graf/grafana/provisioning/dashboards

Place all the files in /etc/grafana/provisioning/dashboards/ and run service grafana-server restart.

Install and configure PostgreSQL

dnf -y module enable postgresql:12
dnf -y install postgresql-server
postgresql-setup --initdb

systemctl start postgresql
systemctl enable postgresql
 
Check that it is correct:
 

postgres -V

sudo -u postgres psql -U postgres -d postgres -c "alter user postgres with password 'postgres';"
mkdir -p /etc/postgresql
ln -s /var/lib/pgsql/data/pg_hba.conf /etc/postgresql/pg_hba.conf
ln -s /var/lib/pgsql/data/postgresql.conf /etc/postgresql/postgresql.conf

sed -i "s|ident\+|password|g" /var/lib/pgsql/data/pg_hba.conf
systemctl restart postgresql

Install and configure heplify-server

curl -s https://packagecloud.io/install/repositories/qxip/sipcapture/script.rpm.sh | sudo bash
dnf -y install heplify-server
mkdir -p /etc/heplify-server
ln -s /etc/heplify-server.toml /etc/heplify-server/heplify-server.toml

Run the complete text up to the EOF:

cat << 'EOF' > /etc/heplify-server.toml
HEPAddr = "0.0.0.0:9060"
HEPTCPAddr = ""
HEPTLSAddr = "0.0.0.0:9060"
ESAddr = ""
ESDiscovery = false
LokiURL = ""
LokiBulk = 200
LokiTimer = 4
LokiBuffer = 100000
LokiHEPFilter = [1,5,100]
ForceHEPPayload = []
PromAddr = "0.0.0.0:9096"
PromTargetIP = ""
PromTargetName = ""
DBShema = "homer7"
DBDriver = "postgres"
DBAddr = "127.0.0.1:5432"
DBUser = "postgres"
DBPass = "postgres"
DBDataTable = "homer_data"
DBConfTable = "homer_config"
DBBulk = 200
DBTimer = 4
DBBuffer = 400000
DBWorker = 8
DBRotate = true
DBPartLog = "2h"
DBPartSip = "1h"
DBPartQos = "6h"
DBDropDays = 14
DBDropDaysCall = 0
DBDropDaysRegister = 0
DBDropDaysDefault = 0
DBDropOnStart = false
Dedup = false
DiscardMethod = ["OPTIONS","NOTIFY"]
AlegIDs = []
CustomHeader = []
SIPHeader = []
LogDbg = "hep,sql"
LogLvl = "warning"
LogStd = false
LogSys = false
Config = "./heplify-server.toml"
ConfigHTTPAddr = ""
EOF

Replace the IP 111.111.111.111 in the following code with the external IP of your server:
 

sed -i "s|HEPAddr = \"0.0.0.0:9060\"\+|HEPAddr = \"111.111.111.111:9060\"|g" /etc/heplify-server.toml
sed -i "s|HEPTLSAddr = \"0.0.0.0:9060\"\+|HEPTLSAddr = \"111.111.111.111:9060\"|g" /etc/heplify-server.toml

mkdir -p /var/log/homer

Run the following up to the EOF:
 

cat << 'EOF' > /usr/lib/systemd/system/heplify-server.service
[Unit]
Description=HEP Server & Switch in Go
After=network.target

[Service]
WorkingDirectory=/var/log/homer
Environment="HEPLIFY_CONFIG=-config=/etc/heplify-server.toml"
ExecStart=/usr/local/bin/heplify-server $HEPLIFY_CONFIG
ExecStop=/bin/kill ${MAINPID}
Restart=on-failure
RestartSec=10s
Type=simple

[Install]
WantedBy=multi-user.target
EOF

systemctl daemon-reload
systemctl restart heplify-server

Verify that it is correct:

systemctl status heplify-server

netstat -vatupn | grep heplify-serv

and then

cat /var/log/homer/heplify-server.log | grep "postgres connection established"

This should show: 2021-01-07T08:02:52Z INFO postgres connection established

firewall-cmd --add-port=9060/udp --permanent
firewall-cmd --reload

Install and configure Homer-app

dnf -y install homer-app
ln -s /usr/local/homer/etc/ /etc/homer-app
 
Run the following up to the EOF:
 
cat << 'EOF' > /usr/local/homer/etc/webapp_config.json
{
"database_data": {
"LocalNode": {
"help": "Settings for PGSQL Database (data)",
"node": "LocalNode",
"user": "homer_user",
"pass": "homer_password",
"name": "homer_data",
"keepalive": true,
"host": "127.0.0.1"
}
},
"hep_relay": {
"help": "UDP socket to send HEP data on",
"host": "127.0.0.1",
"port": 9060
},
"database_config": {
"help": "Settings for PGSQL Database (settings)",
"node": "LocalConfig",
"user": "homer_user",
"pass": "homer_password",
"name": "homer_config",
"keepalive": true,
"host": "127.0.0.1"
},
"influxdb_config": {
"help": "Settings for InfluxDB Database (optional)",
"user": "influx_user",
"pass": "influx_password",
"name": "homer_config",
"host": "http://127.0.0.1:8086",
"database": "homer",
"policy": "autogen"
},
"prometheus_config": {
"help": "Settings for Prometheus Database (optional)",
"user": "admin",
"pass": "admin",
"host": "http://0.0.0.0:9090",
"api": "api/v1"
},
"loki_config": {
"help": "Settings for LOKI Database (optional)",
"user": "admin",
"pass": "admin",
"host": "http://127.0.0.1:3100",
"api": "loki/api/v1",
"param_query": "query_range"
},
"http_settings": {
"help": "Settings for the HOMER Webapp Server. If you have gzip_static = false, please be sure that your dist directory has uncompressed .js files",
"host": "1.1.1.1",
"port": 9080,
"root": "/usr/local/homer/dist",
"gzip": true,
"gzip_static": true,
"debug": false
},
"https_settings": {
"help": "SSL settings for homer-app",
"enable": false,
"host": "0.0.0.0",
"port": 443,
"cert": "/usr/local/homer/tls/cert.pem",
"key": "/usr/local/homer/tls/key.pem"
},
"system_settings": {
"help": "Settings for HOMER logs",
"logpath": "/var/log/homer",
"logname": "homer-app.log",
"_loglevels": "can be: fatal, error, warn, info, debug, trace",
"loglevel": "warn",
"logstdout": false
},
"auth_settings": {
"_comment": "The type param can be internal, ldap, http_auth",
"type": "internal",
"token_expire": 1200
},
"ldap_config": {
"base": "dc=example,dc=com",
"host": "ldap.example.com",
"port": 389,
"usessl": false,
"skiptls": true,
"binddn": "uid=readonlysuer,ou=People,dc=example,dc=com",
"bindpassword": "readonlypassword",
"userfilter": "(uid=%s)",
"groupfilter": "(memberUid=%s)",
"groupattribute": "cn",
"admingroup": "admin",
"adminmode": true,
"usergroup": "HOMER_user",
"usermode": true,
"attributes": ["dn", "givenName", "sn", "mail", "uid"],
"skipverify": true,
"anonymous": false,
"userdn": "uid=%s,ou=People,dc=example,dc=com"
},
"http_auth": {
"url": "http://localhost:1323",
"skipverify": true
},
"decoder_shark": {
"_comment": "Here you can do packet decoding to using tshark application. Please define uid, gid if you run the app under root",
"active": true,
"bin": "/usr/bin/tshark",
"protocols": ["1_call", "1_registration", "1_default"]
}
}
EOF
 
Replace the IP 111.111.111.111 in the following code with the external IP of your server:
 

sed -i "s|1.1.1.1\+|111.111.111.111|g" /usr/local/homer/etc/webapp_config.json

homer-app -create-config-db -database-root-user=postgres -database-host="127.0.0.1" -database-root-password=postgres -database-homer-user=homer_user
homer-app -create-data-db -database-root-user=postgres -database-host="127.0.0.1" -database-root-password=postgres -database-homer-user=homer_user
homer-app -create-table-db-config
homer-app -populate-table-db-config
homer-app -upgrade-table-db-config

service homer-app restart

Verify that it is correct:

netstat -vatupn | grep homer

firewall-cmd --add-port=9080/tcp --permanent
firewall-cmd --reload

Web access

With all of this done, the access points are as follows:
  • Grafana: http://IP_SERVIDOR:3000 (admin / admin)
  • Homer-app: http://IP_SERVIDOR:9080 (admin / sipcapture)

After the first login, change the passwords.

Configuration files

The installation procedure created symlinks to the configuration files, which can be found in the following locations:

  • /etc/prometheus
  • /etc/grafana
  • /etc/postgresql
  • /etc/heplify-server
  • /etc/homer-app
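
The files above keep the values typed in during this procedure: a database password equal to the user name, example "pass" values, a metrics listener on 0.0.0.0 and the pg_hba.conf `password` method, which sends the password in cleartext. The following script is an added example, not part of the original guide or of the Homer project, that reports those leftovers; the function names are hypothetical and the sample input in demo is constructed.

```sh
#!/bin/sh
# Added example, not part of the original guide: report defaults it leaves behind.

# toml_get FILE KEY -> value of a `KEY = "value"` line, quotes stripped
toml_get() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" | head -n 1 | tr -d '"'
}

# audit_heplify FILE -> findings for heplify-server.toml, one per line
audit_heplify() {
    pass=$(toml_get "$1" DBPass)
    if [ -n "$pass" ] && [ "$pass" = "$(toml_get "$1" DBUser)" ]; then
        echo "DBPass: same as DBUser"
    fi
    for key in PromAddr ConfigHTTPAddr; do
        case "$(toml_get "$1" "$key")" in
            0.0.0.0:*) echo "$key: bound to all interfaces" ;;
        esac
    done
    # `cat > file` as root with umask 022 leaves the password world-readable
    [ -z "$(find "$1" -perm -004)" ] || echo "$1: readable by every local user"
}

# audit_webapp FILE -> "pass" values still set to the guide's example values.
# Line-based on purpose: the guide writes one JSON key per line.
audit_webapp() {
    sed -n 's/^[[:space:]]*"pass"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p' "$1" |
        sort -u | while read -r pw; do
            case "$pw" in
                admin|postgres|homer_password|influx_password)
                    echo "pass: example value '$pw' still in use" ;;
            esac
        done
}

# audit_hba FILE -> active pg_hba.conf rules whose method is cleartext `password`
audit_hba() {
    awk '$1 !~ /^#/ && $NF == "password" {
        print "pg_hba line " NR ": cleartext password auth for " $(NF-1) }' "$1"
}

# Constructed sample input, shaped like the files the guide writes.
demo() (
    d=$(mktemp -d); umask 022
    printf 'DBUser = "postgres"\nDBPass = "postgres"\nPromAddr = "0.0.0.0:9096"\n' > "$d/h.toml"
    printf '"user": "admin",\n"pass": "admin",\n' > "$d/w.json"
    printf '# comment\nlocal all all peer\nhost all all 127.0.0.1/32 password\n' > "$d/hba"
    audit_heplify "$d/h.toml"; audit_webapp "$d/w.json"; audit_hba "$d/hba"; rm -rf "$d"
)
if [ $# -eq 3 ]; then audit_heplify "$1"; audit_webapp "$2"; audit_hba "$3"; else demo; fi
```

Called with three arguments it audits the real files, in the order /etc/heplify-server.toml, /usr/local/homer/etc/webapp_config.json, /var/lib/pgsql/data/pg_hba.conf; with no arguments it runs on the constructed sample.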

Capture agent

On the server you want to monitor, you can install a capture agent, for example Heplify, and point it at the Homer server.
