If you have deployed the VCSA a couple of dozen times like me, then you quickly realize that it is necessary to script the initial configuration of the device. I would highly recommend taking a look at William Lam’s blog for some great setup scripts, including:
- http://www.virtuallyghetto.com/2012/09/automating-vcsa-51-vcenter-server.html
- http://www.virtuallyghetto.com/2012/10/vghetto-lab-notsupported-slides-posted.html
- http://www.virtuallyghetto.com/2013/02/automating-vcsa-network-configurations.html
Something that I noticed was missing from William’s scripts was the ability to configure application layer services such as NTP and Syslog. As such, I put together a couple of quick scripts, shared below.
NTP
# optional
NTP_SERVER_1=0.north-america.pool.ntp.org
NTP_SERVER_2=1.north-america.pool.ntp.org
# FIXME - only accepts up to two NTP servers
# Server 2 is inserted first; server 1 is then inserted after the same
# marker line, so it ends up above server 2 in /etc/ntp.conf
if [ ! -z "${NTP_SERVER_2}" ]; then
    sed -i -e "/^## # rcntp/a server ${NTP_SERVER_2}" /etc/ntp.conf
fi
if [ ! -z "${NTP_SERVER_1}" ]; then
    echo -n "Configuring NTP..."
    echo "Configuring ntp ${NTP_SERVER_1}"
    sed -i -e "/^## # rcntp/a server ${NTP_SERVER_1}" /etc/ntp.conf
    # Restart to pick up the new servers and enable ntp at boot
    /etc/init.d/ntp restart
    chkconfig --level 235 ntp on
    echo "done"
fi
One important thing I would like to point out is that on the VCSA, NTP is not configured to start on boot:
~ # chkconfig --list ntp
ntp 0:off 1:off 2:off 3:off 4:off 5:off 6:off
This is easy to fix with:
~ # chkconfig ntp on
insserv: Service network is missed in the runlevels 4 to use service postgresql
insserv: Service syslog is missed in the runlevels 4 to use service postgresql
~ # chkconfig --list ntp
ntp 0:off 1:off 2:off 3:on 4:off 5:on 6:off
However, if you look at other services such as syslog, they default to 2, 3, and 5:
~ # chkconfig --list syslog
syslog 0:off 1:off 2:on 3:on 4:off 5:on 6:off
So you could decide to mimic this on NTP like I did in the above script:
~ # chkconfig --level 235 ntp ntp on
~ # chkconfig --list ntp
ntp 0:off 1:off 2:off 3:on 4:off 5:on 6:off
Syslog
# optional
SYSLOG_SERVER=10.250.1.40
SYSLOG_PROTOCOL=tcp # defaults to udp
SYSLOG_PORT=5140 # defaults to 514
# FIXME - only accepts a single forwarder to a single protocol on a single port
if [ ! -z "${SYSLOG_SERVER}" ]; then
    echo -n "Configuring syslog..."
    # Fall back to the defaults only when a value was not set above
    if [ -z "${SYSLOG_PROTOCOL}" ]; then SYSLOG_PROTOCOL=udp; fi
    if [ -z "${SYSLOG_PORT}" ]; then SYSLOG_PORT=514; fi
    # Both statements are appended after the commented-out template line;
    # the second sed inserts directly below the template, so the
    # destination ends up above the log statement that references it
    sed -i -e '/^#log { source(src); destination(logserver); };/a log { source(src); destination(logserver); };' /etc/syslog-ng/syslog-ng.conf
    sed -i -e '/^#log { source(src); destination(logserver); };/a destination logserver { '${SYSLOG_PROTOCOL}'("'${SYSLOG_SERVER}'" port('${SYSLOG_PORT}')); };' /etc/syslog-ng/syslog-ng.conf
    /etc/init.d/syslog restart
    echo "done"
fi
For those curious why the SYSLOG_PORT is set to 5140 for TCP, it is because 514/TCP is reserved for remote shell (rsh). If you are not using this port for rsh then you could use it for syslog. Instead, I chose to use another port just in case. Common alternative ports I have seen used are 5140 and 5014.
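The syslog script above appends to syslog-ng.conf on every run and interpolates its variables unchecked, so a re-run or a mistyped value leaves a broken or duplicated forwarder and log shipping stops silently. As an added example (not from the original post), the hypothetical helper `add_syslog_forwarder` validates the three values and skips the edit when a `destination logserver` statement is already active; the optional fourth argument for the config path is an assumption added so it can be tried against a copy of the file.

```shell
# Added example, not part of the original scripts.
# Usage: add_syslog_forwarder 10.250.1.40 tcp 5140 [/path/to/syslog-ng.conf]
add_syslog_forwarder() {
    server=$1; proto=${2:-udp}; port=${3:-514}
    conf=${4:-/etc/syslog-ng/syslog-ng.conf}
    # Commented-out template line the original script keys on
    anchor_re='^#log { source(src); destination(logserver); };'

    # Validate inputs so nothing can break out of the syslog-ng statement
    case "$proto" in
        tcp|udp) ;;
        *) echo "bad protocol: $proto" >&2; return 2 ;;
    esac
    case "$port" in
        ''|*[!0-9]*|??????*) echo "bad port: $port" >&2; return 2 ;;
    esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || {
        echo "bad port: $port" >&2; return 2; }
    case "$server" in
        ''|*[!A-Za-z0-9.:-]*) echo "bad server: $server" >&2; return 2 ;;
    esac

    # Refuse to edit a file that lacks the template line
    grep -q "$anchor_re" "$conf" || {
        echo "template line not found in $conf" >&2; return 3; }

    # Idempotency: an active destination means a previous run already succeeded
    if grep -q '^destination logserver ' "$conf"; then
        return 0
    fi

    dest="destination logserver { ${proto}(\"${server}\" port(${port})); };"
    # Append log first, then destination, so destination lands above log
    sed -i -e "/${anchor_re}/a log { source(src); destination(logserver); };" "$conf"
    sed -i -e "/${anchor_re}/a ${dest}" "$conf"
}
```

The helper only edits the file; restart syslog afterwards as in the script above.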
© 2013, Steve Flanders. All rights reserved.
