Part 5: Deploy, configure, and maintain systems
1) Configure networking and hostname resolution statically or dynamically.
* set the lookup order in the file /etc/nsswitch.conf
* hostname resolution statically in /etc/hosts, example lines:
# localhost
127.0.0.1 localhost
# pld64 in vbox
172.16.200.11 pld64 pld64.abram.pl
# redhat in vbox
172.16.200.9 redhat redhat.abram.pl
Let's see how it works using the ping command (on the redhat box I added these lines to /etc/hosts)
[root@redhat ~]# ping pld64.abram.pl -c 1
PING pld64 (172.16.200.11) 56(84) bytes of data.
64 bytes from pld64 (172.16.200.11): icmp_seq=1 ttl=64 time=0.739 ms
[root@redhat ~]# ping pld64 -c 1
PING pld64 (172.16.200.11) 56(84) bytes of data.
64 bytes from pld64 (172.16.200.11): icmp_seq=1 ttl=64 time=0.483 ms
[root@pld64 ~]# ping redhat
PING redhat (172.16.200.9) 56(84) bytes of data.
64 bytes from redhat (172.16.200.9): icmp_seq=1 ttl=64 time=1.24 ms
Try to ping redhat.abram.pl from a host which doesn't have those lines in /etc/hosts, while redhat doesn't exist in abram.pl ;)
[abram@pld64-laptop ~]$ ping redhat.abram.pl -c 1
ping: unknown host redhat.abram.pl
* hostname resolution dynamically in /etc/resolv.conf, file has lines:
domain abram.pl
search abram.pl abram.eu.org
nameserver 172.16.200.1
nameserver 172.16.11.1
* host order resolution is set in /etc/host.conf, two examples from redhat and pld
[root@pld64 ~]# cat /etc/host.conf
order hosts,bind
multi on
[root@redhat ~]# cat /etc/host.conf
multi on
* networking in /etc/sysconfig/network (in other distros that file can have more lines):
whether to start networking or not, and the hostname ;)
[root@redhat ~]# cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=redhat.abram.pl
* networking dynamically (from dhcp)
[root@redhat ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
HWADDR=08:00:27:68:4b:ac
TYPE=Ethernet
#UUID=94823bdd-27b1-498a-ae17-4bb9c06b9733
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=dhcp
* networking statically, in file /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE="eth0"
BOOTPROTO="static"
DNS1="10.1.1.1"
GATEWAY="10.1.1.1"
HWADDR="08:00:27:29:51:E8"
IPADDR="10.1.1.2"
IPV6INIT="yes"
NETMASK="255.255.255.0"
NM_CONTROLLED="yes"
ONBOOT="yes"
TYPE="Ethernet"
UUID="cee63504-36fa-483b-b272-c4736396bb40"
Sample file from PLD Linux:
IPADDR=192.168.100.234/24
IPADDR2=192.168.136.234/24
DEVICE=eth1
ONBOOT=yes
BOOTPROTO=none
GATEWAY=192.168.100.1
GATEWAYDEV=eth1
* after changing the eth files:
ifdown eth1
ifup eth1
or
service network restart (which stops all devices and starts them again)
2) Schedule tasks using cron.
* files and dirs in redhat (in other distros they can be a little different ;) )
/etc/crontab
/etc/cron.d/0hourly
/etc/cron.hourly/0anacron
/etc/cron.daily/{logrotate,makewhatis.cron,rhsmd}
/etc/cron.weekly/
/etc/cron.monthly/
/etc/anacrontab
Just go to the files ;) First find the packages: rpm -qa | grep cron, then rpm -ql cronie, and do the job!!!
* /etc/cron.deny, or in another distro find cron.deny and cron.allow; put there the names of users who can
or can't use crontab! By default in my redhat (Red Hat Enterprise Linux Server release 6.4 (Santiago))
user abram can use crontab. In other distros it is better to allow it ;)
* prepare user crontab
EDITOR=vim crontab -e or just crontab -e
* list crontab as owner
[abram@redhat ~]$ crontab -l
*/1 * * * * /home/abram/bin/x.sh
* list crontab as root for user
[root@redhat ~]# crontab -l -u abram
*/1 * * * * /home/abram/bin/x.sh
* root can edit crontab of user ;)
[root@redhat ~]# crontab -e -u abram
* fields in crontab, those 5 magic stars ;-)
minute (from 0 to 59)
hour (from 0 to 23)
day of month (from 1 to 31)
month (from 1 to 12)
day of week (from 0 to 6) (0=Sunday)
* some crazy sample ;)
*/10 * 4-6 2 * /bin/xxx (every 10 minutes, on the 4th, 5th and 6th day of the month, in the 2nd month, run /bin/xxx)
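To check a schedule before installing it, each of the five fields can be expanded into the values it matches. This is an added example, not part of the original notes; the helper names cron_field and cron_explain are made up for it, and it handles lists, ranges and /step, which goes a little beyond the sample above.

```sh
# cron_field SPEC LO HI : expand one crontab field into the values it matches.
# LO and HI are the limits of that field (see the list of fields above).
cron_field() {
    awk -v spec="$1" -v lo="$2" -v hi="$3" 'BEGIN {
        n = split(spec, parts, ",")                        # lists: 1,15,30
        for (i = 1; i <= n; i++) {
            step = 1; range = parts[i]
            if (split(parts[i], s, "/") == 2) { range = s[1]; step = s[2] }   # */10, 4-20/2
            if (range !~ /^(\*|[0-9]+(-[0-9]+)?)$/ || step !~ /^[0-9]+$/ || step < 1) {
                print "invalid field: " parts[i]; exit 1
            }
            if (range == "*") { a = lo; b = hi }
            else if (split(range, r, "-") == 2) { a = r[1] + 0; b = r[2] + 0 }
            else { a = range + 0; b = a }
            if (a < lo || b > hi || a > b) { print "out of range: " parts[i]; exit 1 }
            for (v = a; v <= b; v += step) hit[v] = 1
        }
        out = ""
        for (v = lo; v <= hi; v++) if (v in hit) out = out (out == "" ? "" : " ") v
        print out
    }'
}

# cron_explain "M H DOM MON DOW" : one line per field of a 5-field schedule.
cron_explain() {
    set -f; set -- $1; set +f        # split on spaces without globbing the stars
    [ $# -eq 5 ] || { echo "expected 5 fields, got $#" >&2; return 1; }
    echo "minute:       $(cron_field "$1" 0 59)"
    echo "hour:         $(cron_field "$2" 0 23)"
    echo "day of month: $(cron_field "$3" 1 31)"
    echo "month:        $(cron_field "$4" 1 12)"
    echo "day of week:  $(cron_field "$5" 0 6)"
}

# The sample schedule from the text, without the command part
cron_explain '*/10 * 4-6 2 *'
```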
3) Configure systems to boot into a specific runlevel automatically.
* go to /etc/inittab, find the line: id:3:initdefault: and change 3 to whatever you need!
4) Install Red Hat Enterprise Linux automatically using Kickstart.
* yum install system-config-kickstart
* run system-config-kickstart, save file
* share it somewhere, in my case my local rhel server in vbox
cp ks.cfg /var/www/html/
* boot the pc from cdrom; there should be a few options to boot, choose the 1st from the top (install new or something),
press tab and add
ks=http://172.16.200.9/ks.cfg
in httpd server logs:
==> /var/log/httpd/access_log <==
172.16.200.12 - - [24/Apr/2013:01:54:31 +0200] "GET /ks.cfg HTTP/1.1" 200 1070 "-" "anaconda/13.21.195"
* from NFS
ks=nfs:host:/ks.cfg
* linux ks=http://172.16.200.9/ks.cfg append ip=192.168.111.222 netmask=255.255.255.0
but it is not tested
* DVD drive ks=cdrom:/directory/ks.cfg
* Hard Drive ks=hd:/device/directory/ks.cfg
* Other Device ks=file:/device/directory/ks.cfg
* HTTP Server ks=http://server.mydomain.com/directory/ks.cfg
* FTP Server ks=ftp://server.mydomain.com/directory/ks.cfg
* NFS Server ks=nfs:server.mydomain.com:/directory/ks.cfg
5) Configure a physical machine to host virtual guests.
* the system probably needs some packages
yum groupinstall "Virtualization"
yum groupinstall "Virtualization Client"
yum install kvm
yum install qemu
6) Install Red Hat Enterprise Linux systems as virtual guests.
* X GUI
you may need: yum groupinstall 'X Window System'
open virt-manager and click click ...
PICTURES ;) http://virt-manager.et.redhat.com/screenshots/install.html
* console commands, I wonder if it can be done on my VirtualBox RHEL ;)
from that site: http://manyrootsofallevilrants.blogspot.com/2011/06/install-red-hat-enterprise-linux_09.html
virt-install -n test -r 1024 --vcpu=1 -l nfs:10.168.20.227:/distro --os-type='linux' --os-variant='rhel6' --network network:default --file=/var/lib/libvirt/images/test.img --file-size=6 -x console=ttyS0
a lot of BLA BLA ;)
7) Configure systems to launch virtual machines at boot.
* see what virsh can do (man)
* virsh list
* virsh start MACHINE
* virsh shutdown MACHINE
* virsh destroy MACHINE (take power off ;) )
* virsh autostart MACHINE (will set MACHINE to start when the server boots ;) )
8) Configure network services to start automatically at boot.
* go to the chkconfig command!
* maybe there is ntsysv ???
9) Configure a system to run a default configuration HTTP server.
* REMEMBER ABOUT SELINUX ...
* install httpd using yum command
yum install httpd
* prepare simple html file
echo "redhat test http server" > /var/www/html/index.html; chmod 644 /var/www/html/index.html
* change ServerName in /etc/httpd/conf/httpd.conf
ServerName redhat.abram.pl:80
* check the status of the service and set it on when needed ;)
chkconfig httpd --list
chkconfig httpd on
or specify level: chkconfig httpd --level 5 on
* start httpd daemon
service httpd start
* check if that http server works
[root@redhat ~]# echo -e "GET /index.html HTTP/1.0\r\n" | nc redhat.abram.pl 80
HTTP/1.1 200 OK
Date: Tue, 23 Apr 2013 18:19:29 GMT
Server: Apache/2.2.15 (Red Hat)
Last-Modified: Tue, 23 Apr 2013 18:09:58 GMT
ETag: "1024-18-4db0b17e218d0"
Accept-Ranges: bytes
Content-Length: 24
Connection: close
Content-Type: text/html; charset=UTF-8
redhat test http server
or just install the lynx text web browser and then:
lynx redhat.abram.pl
* maybe the server needs tcp port 80 opened in iptables for http?
[root@redhat ~]# iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
[root@redhat ~]# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
or
system-config-firewall
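Whether the appended rule takes effect depends on what is already in the chain: -A puts it last, so a catch-all REJECT or DROP earlier in INPUT is matched first and port 80 stays closed. The added example here (not from the original notes; port_state is a made-up helper and the ruleset is constructed, modelled on a stock RHEL 6 firewall) checks a saved ruleset for exactly that.

```sh
# port_state PORT < ruleset   (iptables-save / /etc/sysconfig/iptables format on stdin)
# Prints: open     - an INPUT ACCEPT rule for tcp/PORT sits before any catch-all REJECT/DROP
#         shadowed - the ACCEPT rule exists, but a catch-all REJECT/DROP comes before it
#         no-rule  - INPUT has no ACCEPT rule for tcp/PORT (only plain --dport is understood)
port_state() {
    awk -v port="$1" '
        $1 == "-A" && $2 == "INPUT" {
            proto = ""; dport = ""; target = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-p")      proto  = $(i + 1)
                if ($i == "--dport") dport  = $(i + 1)
                if ($i == "-j")      target = $(i + 1)
            }
            # a rule whose first option is the target matches every packet
            if ($3 == "-j" && (target == "REJECT" || target == "DROP")) blocked = 1
            if (target == "ACCEPT" && proto == "tcp" && dport == port && state == "")
                state = blocked ? "shadowed" : "open"
        }
        END { print (state == "" ? "no-rule" : state) }'
}

# Constructed ruleset, modelled on a stock RHEL 6 firewall (assumption)
stock_rules() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
EOF
}
# What "iptables -A INPUT ... --dport 80 -j ACCEPT" plus "service iptables save" leaves behind
appended_rules() { stock_rules; echo '-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT'; echo COMMIT; }
# The same rule placed ahead of the REJECT line instead
inserted_rules() {
    stock_rules | awk '/-j REJECT/ { print "-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT" } { print }'
    echo COMMIT
}

appended_rules | port_state 80    # shadowed
inserted_rules | port_state 80    # open
```

On a real box feed it the saved file: port_state 80 < /etc/sysconfig/iptables. If it says shadowed, add the rule with iptables -I INPUT (insert) rather than -A.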
10) Configure a system to run a default configuration FTP server.
* REMEMBER ABOUT SELINUX ...
* install ftpd daemon and ftp client
yum install vsftpd ftp
* service vsftpd start
* chkconfig vsftpd on (or choose level)
* iptables -A INPUT -p tcp -m tcp --dport 20 -j ACCEPT
* iptables -A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
* service iptables save
* maybe on redhat it's worth checking that the system loads the nf_conntrack_ftp module via the iptables scripts?
see the file /etc/sysconfig/iptables-config
* checking selinux
[root@redhat ~]# ls -lZ /var/| grep ftp
drwxr-xr-x. root root system_u:object_r:public_content_t:s0 ftp
[root@redhat ~]# ls -lZ /var/ftp/
drwxr-xr-x. root root system_u:object_r:public_content_t:s0 pub
[root@redhat ~]# echo 'test' > /var/ftp/pub/test.txt
[root@redhat ~]# echo 'test' > /var/ftp/pub/test.txt
[root@redhat ~]# ls -la /var/ftp/pub/test.txt
-rw-r--r--. 1 root root 5 04-23 22:33 /var/ftp/pub/test.txt
[root@redhat ~]# ls -lZ /var/ftp/pub/test.txt
-rw-r--r--. root root unconfined_u:object_r:public_content_t:s0 /var/ftp/pub/test.txt
file test.txt can be downloaded via ftp
moved a file from /root to /var/ftp/pub:
[root@redhat ~]# ls -lZ install.log
-rw-r--r--. root root system_u:object_r:admin_home_t:s0 install.log
[root@redhat ~]# mv install.log /var/ftp/pub/
[root@redhat ~]# ls -lZ /var/ftp/pub/install.log
-rw-r--r--. root root system_u:object_r:admin_home_t:s0 /var/ftp/pub/install.log
file install.log has mode 644 but selinux doesn't allow it to be read over ftp
lftp 172.16.200.9:/pub> get install.log
get: Access failed: 550 Failed to open file. (install.log)
in /var/log/xferlog:
==> xferlog <==
Tue Apr 23 22:43:11 2013 1 172.16.200.4 0 /pub/install.log b _ o a lftp@ ftp 0 * i
Tue Apr 23 22:43:18 2013 1 172.16.200.4 0 /pub/install.log b _ o a lftp@ ftp 0 * i
get test.txt
Tue Apr 23 22:44:01 2013 1 172.16.200.4 5 /pub/test.txt b _ o a lftp@ ftp 0 * c
* restore selinux context, two ways.
1st) using default context for /var/ftp
restorecon -RvF /var/ftp
restorecon reset /var/ftp/pub/test.txt context unconfined_u:object_r:public_content_t:s0->system_u:object_r:public_content_t:s0
restorecon reset /var/ftp/pub/install.log context system_u:object_r:admin_home_t:s0->system_u:object_r:public_content_t:s0
2nd) command line
chcon -v -R -u system_u -r object_r -t public_content_t /var/ftp
changing security context of `/var/ftp/pub/test.txt'
changing security context of `/var/ftp/pub/install.log'
changing security context of `/var/ftp/pub'
changing security context of `/var/ftp'
* after fixing the selinux context the new file is ready to download
lftp 172.16.200.9:/pub> ls
-rw-r--r-- 1 0 0 9694 Apr 15 13:52 install.log
-rw-r--r-- 1 0 0 5 Apr 23 20:33 test.txt
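The diagnosis above can be scripted: pick the failed downloads out of xferlog, then list the files whose SELinux type differs from the one the FTP tree uses (mv keeps the old label, which is why install.log arrived as admin_home_t). This is an added example, not from the original notes; the function names are made up, the sample lines are copied from the output above, and the RHEL 6 `ls -lZ` column layout is assumed.

```sh
# failed_downloads < xferlog : files whose download sent 0 bytes and ended incomplete.
# xferlog fields used: 8 = bytes, 9 = filename, 12 = direction (o = outgoing), 18 = status (i/c)
failed_downloads() {
    awk 'NF >= 18 && $12 == "o" && $18 == "i" && $8 == 0 && !seen[$9]++ { print $9 }'
}

# mislabeled TYPE < "ls -lZ" output : print "path type" for entries whose SELinux type is not TYPE.
# Field 4 is the context user:role:type:level, the last field is the path.
mislabeled() {
    awk -v want="$1" 'split($4, ctx, ":") >= 3 && ctx[3] != want { print $NF, ctx[3] }'
}

# fix_commands TYPE < "ls -lZ" output : the restorecon call for every mislabeled entry.
fix_commands() {
    mislabeled "$1" | while read -r path type; do
        echo "restorecon -vF $path # type was $type"
    done
}

# Sample input, copied from the xferlog and ls -lZ output shown above
sample_xferlog() {
    cat <<'EOF'
Tue Apr 23 22:43:11 2013 1 172.16.200.4 0 /pub/install.log b _ o a lftp@ ftp 0 * i
Tue Apr 23 22:43:18 2013 1 172.16.200.4 0 /pub/install.log b _ o a lftp@ ftp 0 * i
Tue Apr 23 22:44:01 2013 1 172.16.200.4 5 /pub/test.txt b _ o a lftp@ ftp 0 * c
EOF
}
sample_listing() {
    cat <<'EOF'
-rw-r--r--. root root unconfined_u:object_r:public_content_t:s0 /var/ftp/pub/test.txt
-rw-r--r--. root root system_u:object_r:admin_home_t:s0 /var/ftp/pub/install.log
EOF
}

sample_xferlog | failed_downloads
sample_listing | fix_commands public_content_t
```

An incomplete 0-byte transfer only marks a candidate; the denial itself is confirmed by the file's label.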
11) Install and update software packages from Red Hat Network, a remote repository, or from the local file system.
* maybe you need to import the key from the repo?
rpm --import gpgkey
* from local file system using rpm
cd /somewhere_for_packages
rpm -Uhv package-to-update.rpm (--test is OK ;) )
rpm -ihv package-to-install.rpm (--test is OK)
* from Red Hat Network, maybe you need to register the system?
rhn_register, then go, it should prepare yum to use the RHN repos
[root@redhat ~]# yum repolist
Loaded plugins: downloadonly, product-id, rhnplugin, subscription-manager
This system is receiving updates from Red Hat Subscription Management.
This system is receiving updates from RHN Classic or RHN Satellite.
rhel-6-server-cf-tools-1-rpms | 2.8 kB 00:00
rhel-6-server-rhev-agent-rpms | 3.1 kB 00:00
rhel-6-server-rpms | 3.7 kB 00:00
repo id repo name status
rhel-6-server-cf-tools-1-rpms Red Hat CloudForms Tools for RHEL 6 (RPMs) 30
rhel-6-server-rhev-agent-rpms Red Hat Enterprise Virtualization Agents for RHEL 6 Server (RPMs) 16
rhel-6-server-rpms Red Hat Enterprise Linux 6 Server (RPMs) 7934
rhel-i386-server-6 Red Hat Enterprise Linux Server (v. 6 for 32-bit x86) 7926
repolist: 15906
* prepare yum to use local repo from directory
create file /etc/yum.repos.d/local.repo with content
[local]
name=local
baseurl=file:///directory/path/to/repo/
enabled=1
gpgcheck=0
TIP: it could be a mounted cdrom, or a copied cdrom/dvd ISO file mounted using loop to a directory...
* prepare yum to use local repo from http server
create file /etc/yum.repos.d/from-http.repo
[remote]
name=remote
baseurl=http://10.1.1.1/repo/i386/
enabled=1
gpgcheck=0
* maybe the directory with rpm files needs to be prepared to be a repo? then go
cd /directory
createrepo .
* how to use created repo, it is simple
yum --disablerepo=* --enablerepo=remote --enablerepo=local install (packages)
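Both repo files above set gpgcheck=0, so yum installs whatever the repo serves without verifying package signatures, and the second one fetches it over plain http. The added example here (not from the original notes) audits .repo content for that; audit_repos is a made-up name, and the third stanza with its gpgkey path is a constructed placeholder showing the checked variant.

```sh
# audit_repos < file.repo : report enabled repo sections that switch signature checks off.
# A section without its own gpgcheck line inherits the setting from /etc/yum.conf.
audit_repos() {
    awk '
        function report() {
            if (name == "" || enabled == "0" || gpgcheck != "0") return
            if (url ~ /^(http|ftp):/) print name ": gpgcheck=0 with plaintext baseurl " url
            else print name ": gpgcheck=0"
        }
        /^[ \t]*\[/ {                          # start of a [section]
            report()
            name = $0; gsub(/^[ \t]*\[|\].*$/, "", name)
            enabled = ""; gpgcheck = ""; url = ""
            next
        }
        (eq = index($0, "=")) > 0 {            # key=value, split at the first "="
            key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
            gsub(/[ \t]/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key == "enabled")  enabled  = val
            if (key == "gpgcheck") gpgcheck = val
            if (key == "baseurl")  url      = val
        }
        END { report() }'
}

# Sample input: the two repo files from the text plus one constructed stanza (placeholder key path)
sample_repos() {
    cat <<'EOF'
[local]
name=local
baseurl=file:///directory/path/to/repo/
enabled=1
gpgcheck=0
[remote]
name=remote
baseurl=http://10.1.1.1/repo/i386/
enabled=1
gpgcheck=0
[remote-signed]
name=remote with signature checking
baseurl=http://10.1.1.1/repo/i386/
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-example
EOF
}

sample_repos | audit_repos
```

On a real system run it over the installed files: cat /etc/yum.repos.d/*.repo | audit_repos.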
12) Update the kernel package appropriately to ensure a bootable system.
* yum update kernel
* or maybe it is better to get a fresh kernel from the repo and then rpm -ihv kernel-*****rpm
* yum install yum-downloadonly (will add special plugin to yum)
yum update kernel -y --downloadonly (will download kernel package)
files go to: /var/cache/yum/i386/6Server/rhel-6-server-rpms/packages/ (find / -iname "*.rpm" )
install them (check)
rpm -ihv kernel* --test
rpm -ihv kernel*
CHECK grub! the new kernel should have been added as the default; reboot the server, go!
13) Modify the system bootloader.
* always backup /boot/grub/menu.lst before editing
* cat /boot/grub/menu.lst
default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title Red Hat Enterprise Linux (2.6.32-358.el6.i686)
root (hd0,0)
kernel /vmlinuz-2.6.32-358.el6.i686 ro root=/dev/mapper/VolGroup-lv_root rd_NO_LUKS LANG=en_US.UTF-8 rd_NO_MD rd_LVM_LV=VolGroup/lv_swap SYSFONT=latarcyrheb-sun16 crashkernel=auto rd_LVM_LV=VolGroup/lv_root KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet
initrd /initramfs-2.6.32-358.el6.i686.img
* some more grub from my laptop
# windows
title windows
rootnoverify (hd0,0)
makeactive
chainloader +1
# For installing GRUB into the hard disk
title Install GRUB into the hard disk
root (hd0,3)
setup (hd0)