Thursday, August 25, 2016

Redhat Satellite 6.2.1 installation overview



This document is a quick view of commands to complete the installation of Redhat Satellite 6.2.1

Minumum Hardware requirement

CPU 4 cores
RAM 16GB
swap 1.5 of RAM
hostname FQDN

Storage requirement for Satellite server.

Make a seperate partition for /var/lib/pulp because this partition will contain all the content.
Overall /var should have more than 500GB.

1. Configure the FQDN hostname

#hostnamectl set-hostname sat01.polyglot.com

2. install and enable ntp

#Yum install chrony
#systemctl start chronyd
#Systemctl enable chronyd
#ntpdate -q

3. Install the SOS package to get collect the diagnostic and configuration information for debugging issues in satellite server.

#yum install sos

4. register the machine with Redhat Network

#subscription-manager register

5. Once the machine is registered with the Redhat Network, clear the metadata.

#yum clean all
#yum repolist enabled

6. Enable the SE Linux in enforcing or permissive mode

7. Enable the firewalld service in the machine (you may have issue in installing the package, remount the /usr with rw [mount -o remount, rw /usr])

# yum install firewalld
# firewall-cmd --add-service=RH-Satellite-6
# firewall-cmd --permanent --add-service=RH-Satellite-6
# firewall-cmd --add-port="5646/tcp"
# firewall-cmd --permanent --add-port="5646/tcp"

Install the Redhat Satellite package using yum

# yum install satellite

Installing the Redhat Satellite offline

I. Mount the ISO image to /media/sat62
II. #cd /media/sat62
# ./install_packages

Once the installation is completed successfully, Satellite has to be configured.

Note: Self-signed certificate or third party certificates are required to configure the satellite server.

8. review the answer file for the configuration of satellite server

# vi /etc/foreman-installer/scenarios.d/satellite-answers.yaml/

Check for the hostname and correct it, if there are anything missing in hostname in yaml file.

9. Configure the satellite server with absolute path of the certificates in cmd line

#satellite-installer --scenario satellite\
--certs-server-cert "/data/shankar03/sat01.polyglotit.com.cert.pem"\
--certs-server-cert-req "/data/shankar03/sat01.polyglotit.com.csr.pem"\
--certs-server-key "/data/shankar03/sat01.polyglotit.com.key.pem"\
--certs-server-ca-cert "/data/shankar03/polyglot_pe_fake_ca.cert.pem"

10. Logs can me monitored during the installation

#tail -f /var/log/foreman-installer/satellite.log

Tuesday, March 17, 2015

DISK IOPS for VM's on VMware


Hello Folks,

A Couple weeks ago, I have worked on the enhancement of the VMware environment and a task to  limit the iops for better performance.  The following PowerCLI script will collect the Microsoft Server class VM's metrics from the a datacenter and limits IO to 500.


# script by Shankar Jadapa 28/01/2015
###############################
######## LOAD PLUGINS #########
###############################


if (-not (Get-PSSnapin VMware.VimAutomation.Core -ErrorAction SilentlyContinue)) {
    Add-PSSnapin VMware.VimAutomation.Core
}

#Connecting to the desired vCenter

 Connect-viserver -server vCenter01.local -user shankar -password jadapa

 # Collecting the information of all the required Machines

 $vms = Get-Datacenter "Dynamic"  |Get-VM | Where {$_.Guest.OSFullName -match "Microsoft Windows Server*"}

 Write-Host " Gathering informaiton is completed"
 Write-Host "Going to execute the IOPs change on the machines"

  Foreach ($vm in $vms)
{

  $DiskLimitIOPerSecond = 500
  $spec = New-Object VMware.Vim.VirtualMachineConfigSpec
  $vm.ExtensionData.Config.Hardware.Device |
  where {$_ -is [VMware.Vim.VirtualDisk]} | %{
  $dev = New-Object VMware.Vim.VirtualDeviceConfigSpec
  $dev.Operation = "edit"
  $dev.Device = $_
  $dev.Device.StorageIOAllocation.Limit = $DiskLimitIOPerSecond
  $spec.DeviceChange += $dev
}

$vm.ExtensionData.ReconfigVM_Task($spec)

Write-Host "IOPS changed on $vm"
sleep -Seconds 5
}

 #Disconnecting the connected vCenters.
 Disconnect-VIServer * -Confirm:$false -Force

Wednesday, September 17, 2008

VMWare ESX


The following links are to download the pdfs for vmware.

Vmware ESX cheat sheet

ESX Maintenance Mode via Command Line


To enter Maintenance Mode, at the ESX console type:

vimsh -n -e /hostsvc/maintenance_mode_enter

To exit Maintenance Mode type:

vimsh -n -e /hostsvc/maintenance_mode_exit

To display whether the ESX Server is currently in maintenance mode or not type:

vimsh -n -e"hostsvc/hostsummary" | grep inMaintenanceMode

Wednesday, October 31, 2007

MYSQL REPLICATION

MYSQL REPLICATION CHEAT SHEET


USER REPLICANT CREATION:

Log into Master server as root and issue this sql statement


GRANT REPLICATION SLAVE, REPLICATION CLIENT
ON *.*
TO 'replicant'@'slave_host'
IDENTIFIED BY 'my_pwd';




Log into Slave server as root and issue this sql statement

GRANT REPLICATION SLAVE, REPLICATION CLIENT
ON *.*
TO 'replicant'@'master_host'
IDENTIFIED BY 'my_pwd';


Configuring the Servers

MASTER:


The only changes need to make in my.cnf are

server-id = 1
log-bin = /var/log/mysql/bin.log


SLAVE:


The only changes need to make in my.cnf are

server-id = 2

master-host = mastersite.com
master-port = 3306
master-user = replicant
master-password = my_pwd

log-bin = /var/log/mysql/bin.log
log-bin-index = /var/log/mysql/log-bin.index
log-error = /var/log/mysql/error.log

relay-log = /var/log/mysql/relay.log
relay-log-info-file = /var/log/mysql/relay-log.info
relay-log-index = /var/log/mysql/relay-log.index

Copying Databases and Starting Replication

Master Server:
mysqldump --user=root --password=my_pwd \
--extended-insert --all-databases \
--master-data > /tmp/backup.sql

*Copy the backup.sql file to slave server and follow the
Below commands.

Slave Server:

mysql --user=root --password=my_pwd < /tmp/backup.sql START SLAVE;


Automating Backups


A shell script to take automated backup of Database dump at slave server.


#!/bin/sh date = `date +%Y%m%d`
mysqladmin --user=root --password=my_pwd stop-slave
mysqldump --user=root --password=my_pwd --lock-all-tables --all-databases > /backups/mysql/backup-${date}.sql
mysqladmin --user=root --password=my_pwd start-slave

Friday, June 8, 2007

LINUX COMMANDS HISTORY

Falling down is not defeat. Defeat is when you refuse to get up.

All the best for your all future assignments in your life and happy LINUX.

Any queries related to Linux can send to mailto:shankermcsa@yahoo.com

Trademarks: Red Hat is a registered trademark of Red Hat, Inc. Linux is a registered trademark of Linus Torvalds. All other trademarks are the property of their respective owners.

UNIX History

First version created in Bell Labs - 1969

AT&T licenses source code for low cost

  • Trademarks UNIX name, "UNIX" name closely held
  • Licensees must create new name for their operating systems
  • Many UNIX "flavors" emerge

GNU Project / FSF

GNU Project started in 1984

r Goal: Create a "free" UNIX clone

r By 1990, nearly all required userspace applications created

r gcc, emacs, etc

l Free Software Foundation

r Non-profit organization that manages the GNU project

Linux Origins

l Linus Torvalds

m Finnish college student in 1991

m Created Linux kernel

l Linux kernel + GNU applications = complete, free, UNIX-like OS

Recommended Hardware Specifications

l Pentium Pro or better with 256 MB RAM or

l 64-bit Intel/AMD with 512 MB RAM

l 2-6 GB disk space

l Bootable CD

l Other processor architectures supported

l Itanium 2, IBM Power, IBM Mainframe

Virtual Consoles

l Multiple non-GUI logins are possible through the use of virtual consoles

l There are by default 6 available virtual consoles

l Available through Ctrl-Alt-F[1-6]

l If X is running, it is available as Ctrl-Alt-F7

The Xorg GUI Framework

l Modern, free implementation of X11

l Highly flexible framework for displaying graphical applications and environments

l Completely network-transparent client/server architecture

l System can be configured to present a graphical login screen on Ctrl-Alt-F7

The Xorg Graphical Environments

l Collections of applications that provide a graphical working environment with a consistent look-and-feel

m GNOME - The default desktop environment

m KDE - Environment based on the Qt toolkit

Starting Xorg

l Nothing needed if system boots to a graphical login. Just authenticate.

l If system boots to a virtual console login, Xorg must be started manually

m Run startx to manually start Xorg

Getting Help

Don't try to memorize everything!

Many levels of help

m whatis

m command --help

m man and info

m /usr/share/doc/

m Red Hat documentation

Extended Documentation

l The /usr/share/doc directory

m Subdirectories for most installed packages

m Location of docs that don't fit elsewhere

r Example configuration files

r Html/pdf/ps documentation

r License details

Some Important Directories

The home directories

m /root, /home/username

l The bin directories

m /bin, /usr/bin, /usr/local/bin

m /sbin, /usr/sbin, /usr/local/sbin

l Foreign filesystem mountpoints

m /media and /mnt

l /etc holds system config files

l /tmp holds temporary files

l /boot holds the kernel and bootloader

l /var and /srv hold server data

l /proc and /sys hold system information

l The lib directories hold shared libraries

m /lib, /usr/lib, /usr/local/lib

Absolute and Relative Pathnames

Absolute pathnames begin with a forward slash

l Complete "road map" to file location

l Can be used anytime you wish to specify a file name

Relative pathnames do not begin with a slash

l Specifies location relative to your current working directory

l Can be used as a shorter way to specify a file name

COMMANDS

If OS is not recognizing the SATA HDD

boot: linux all-generic-ide noapic noiapic

After installing the OS go to rescue mode and edit the grub.conf

#vi /etc/grub.conf

Root (hd0,0)

Kernel (vmlinuz-2.6.9-22.EL ro root=LABEL=/ linux all-generic-ide noapic noiapic rhgb quiet

Initrd /initrd-2.6.9.22.EL.img

Basic commands:

#echo $SHELL shows the default SHELL

#cat /etc/shells shows other existing Shells

#vi /etc/login.defs login information file

#chvt to switch to other terminal

#chage -l <username> to see the A/c policies.

#chage <username> to modify A/c policies

#chage -E -1 <username> to make account never expires.

#date --set "-----------"

Present Working Directory

#pwd

Listing Commands:

#ls

#ls -a

#ll

#ls -ld <filename>

#ll <filename>

#ls -al

Creating the Directory and Files

#mkdir <dir>

#mkdir <dir1> <dir1> <dir1>

#mkdir -p d1/d2/d3

Changing Directory

#cd <dir>

Creating a File

#cat > <filename>

Ctrl+d

#touch <filename>

Copy file

#cp <source path> <destination path>

Move and Renaming file

#mv <source path> <destination path>

Deleting file

#rm -rf <filename>

Append an existing file

#cat >> <filename>

Determining File Content

Files can contain many types of data

l Check file type with file before opening to determine appropriate command or application to use

l file [options] <filename>...

User & Group Admin

Authentication information is stored in plain text files:

o /etc/passwd

o /etc/shadow

o /etc/group

o /etc/gshadow

Changing Your Identity

To change your password, run passwd

m Insecure passwords are rejected

To start a new shell as a different user:

o su

o su -

o su username

o su - username

User Information Commands

Find out who you are

m whoami

Find out what groups you belong to

m groups, id

Find out who is logged in

m users, who, w

Login/reboot history

m last

Syntax:

#useradd <username> to create user

#groupadd <groupname> to create group

#useradd -u <uid> <username>

#groupadd -g <gid> <groupname>

#userdel <username> to delete user

#userdel -r <username> to delete user including home dir.

#passwd <username> to assign passwd

#passwd -S <username> shows passwd set to user or not

#passwd -d <username> to remove passwd

#id <username>

#finger <username>

Syntax: useradd <option> <username>

#usermod -G <groupname> <username>

#usermod -u <uid> <username>

#usermod -d <dir> <username> to change home directory

#usermod -s /bin/ksh <username> to change default Shell

#usermod -c "admin" <username> to put comments

#usermod -u <uid> -o <username> to change UID

#usermod -g <gid> <groupname> to change GID

#usermod -l <newusername> <oldusername> to rename user

#groupmod -n <newgroup name> <oldgroup name> to rename group

#gpasswd -a <username> <groupname> to add members of group

#gpasswd -M <username>,<username> <groupname>

#chown <new owner>.<new group> <file/dir name>

#chgrp <new group name> <file name>

#vi /etc/passwd (backup file: /etc/passwd-)

#vi /etc/group (backup file: /etc/group-)

#vi /etc/shadow (backup file: /etc/shadow-)

#tail <filename>

#head <filename>

Links

#ln <source file path> <destination file path> Hard Link

#ln -s <source file path> <destination file path> Soft Link

Permission of a File

Symbolic Notation: Read=r, Write=w and execute=x

Numeric Notation: Read =4, Write=2 and Execute=1

r w x (Where 1 = on and 0 = off)

1 0 0 =4

0 1 0 =2

0 0 1 =1

UMASK: Universal Mask is a value which is subtracted from the full permissions to generate the default permissions.

Root User Normal User

The full permission of a File is 666 The full permission of a File is 666

-rw- rw- rw- 666 -rw- rw- rw- 666

-rw- r- - r- - 644 -rw- r- - r- - 664

-------------------------------- -------------------------------

-w- -w- 022 (umask) -w- -w- 002 (umask)

The full permission of a Directory is 777 The full permission of a Directory is 777

-rwx rwx rwx 777 -rwx rwx rwx 777

-rwx r- x r- x 755 -rwx r- x r- x 775

-------------------------------- --------------------------------

-w- -w- 022 (umask) -w- -w- 002 (umask)

Syntax:

#umask to see the umask value

#vi /etc/bashrc to change umask value permanently

#chmod <numeric permission> <file/dir>

e.g. #chmod 777 <file/dir>

Special Permissions
SUID Value is 4
SGID
Value is 2

  • Normally, files created in a directory belong to the default group of the user
  • When a file is created in a directory with the setgid bit set, it belongs to the same group as the directory

Sticky Bit Value is 1
Normally, users with write permissions to a directory can delete any file in that

directory regardless of that file's permissions or ownership

With the sticky bit set on a directory, only the owner of a file can delete the file

Example: /tmp

drwxrwxrwt 12 root root 4096 Nov 2 15:44 tmp

ACL
#mount -o remount,acl <mount point> enable the partition with ACL properties

#setfacl -m u:<uname>:<permission> <filename> applying acl to the user level

#setfacl -x u:<uname>:<permission> <filename> to remove the acl

#setfacl -m g:<gname>:<permission> <filename> applying acl to the group level

#getfacl <filename> to check the acl permission

Note: when applying ACL present working directorie must be acl directorie and to make it permanent write inside /etc/fstab

Attribute

#chattr +i <filename>

#chattr -i <filename>

#chattr +a <filename>

#chattr -a <filename>

#lsattr <filename>


Special Users
SUDO

#useradd admin
#passwd admin
#vi /etc/sudoers or #visudo put the admin user in sudo file.
#sudo su - to get the root privileges as a sudo user.

#grep sudo /var/log/secure

Network User
Usr Profiles
#vi /etc/default/useradd
# useradd defaults file
GROUP=100
HOME=/home
INACTIVE=-1
EXPIRE=2008-01-01
SHELL=/bin/bash
SKEL=/etc/skel (user profiles)

System Initialization

Boot Sequence Overview

  • BIOS initialization
  • Boot loader
  • Kernel initialization
  • init starts and enters the desired runlevel by executing:
    • /etc/rc.d/rc.sysinit
    • /etc/rc.d/rc and /etc/rc.d/rc?.d/
    • /etc/rc.d/rc.local
    • X Display Manager (if appropriate)

BIOS Initialization

§ Peripherals detected

§ Boot device selected

§ First sector of boot device read and executed

Boot Loader Components

  • Boot loader
    • First stage - small, resides in the MBR or a boot sector
    • Second stage - loaded from a boot partition
  • Minimum specifications for Linux:
    • Label, kernel location, OS root filesystem and location of the initial RAM disk (initrd)
  • Minimum specifications for other operating systems:
    • Boot device, label

GRUB and grub.conf

  • GRUB "the GRand Unified Bootloader"
    • Command-line interface available at boot prompt
    • Boot from ext2/ext3, ReiserFS, JFS, FAT, minix, or FFS file systems
    • Supports MD5 password protection
  • /boot/grub/grub.conf
  • Changes to grub.conf take effect immediately
  • If MBR on /dev/hda is corrupted, reinstall the first stage bootloader with:
    • /sbin/grub-install /dev/hda

Starting the Boot Process: GRUB

  • Image selection
    • Select with space followed by up/down arrows on the boot splash screen
  • Argument passing
    • Change an existing stanza in menu editing mode
    • Issue boot commands interactively on the GRUB command line

The Chicken/Egg Module Problem and the Initial RAM Disk

To mount the root filesystem, the kernel typically needs to load modules

o Examples: ext3, jbd, raid1, scsi_mod

An initial RAM disk provides modules

o Compressed cpio archive containing modules, other material

o Created at install time

o Specific to a particular hardware and software platform

Made available to the kernel by GRUB

Use mkinitrd to rebuild

o Example:

o mkinitrd /boot/initrd-$(uname -r).img $(uname -r)

Kernel Initialization

  • Kernel boot time functions
    • Device detection
    • Device driver initialization
    • Mounts root filesystem read only
    • Loads initial process (init)

init Initialization

  • init reads its config: /etc/inittab
    • initial run level
    • system initialization scripts
    • run level specific script directories
    • trap certain key sequences
    • define UPS power fail / restore scripts
    • spawn gettys on virtual consoles
    • initialize X in run level 5

Run Levels

§ init defines run levels 0-6, S, emergency

§ The run level is selected by either

· the default in /etc/inittab at boot

· passing an argument from the boot loader

· using the command init new_runlevel

§ Show current and previous run levels

        • /sbin/runlevel

/etc/rc.d/rc.sysinit

§ Important tasks include:

§ Activate udev and selinux

§ Sets kernel parameters in /etc/sysctl.conf

§ Sets the system clock

§ Loads keymaps

§ Enables swap partitions

§ Sets hostname

§ Root filesystem check and remount

§ Activate RAID and LVM devices

§ Enable disk quotas

§ Check and mount other filesystems

§ Cleans up stale locks and PID files

/etc/rc.d/rc

  • Initializes the default run level per the /etc/inittab file's initdefault line such that:
  • id:3:initdefault:
      • l0:0:wait:/etc/rc.d/rc 0
      • l1:1:wait:/etc/rc.d/rc 1
      • l2:2:wait:/etc/rc.d/rc 2
      • l3:3:wait:/etc/rc.d/rc 3 (default)
      • l4:4:wait:/etc/rc.d/rc 4
      • l5:5:wait:/etc/rc.d/rc 5
      • l6:6:wait:/etc/rc.d/rc 6

Daemon Processes

·A daemon process is a program that is run in the background, providing some system service

·Two types of daemons:

o standalone

o Transient - controlled by the "super-daemon" xinetd

System V run levels

· Run level defines which services to start

o Each run level has a corresponding directory: