How to perform kickstart installation for Linux ?

What is Kickstart installation?

Kick start installation is unattended installation, where we can install the operating system
without fully seated in front of system till completing the installation.

Here we need to create a kickstart configuration file which contains all the details like,
Language, Timezone, Network details, Partition details, Package details, etc…

1. Creating a Kickstart configuration File

by default kickstart configuration file will be available in /root directory with the name of anaconda-ks.cfg in linux machine which is already installed. by editing this file will create new kickstart file for our requirement. But comparing to this method will create kickstart file in Graphical mode which will be very easier way.

GUI mode should be working in our machine to create kickstart file in Graphical utility.

Login the server in Graphical mode as root user and issue the below command to open the kickstart file configuration window.

[root@server ~]# system-config-kickstart

will get a window now to configure new kickstart file.

Using above window we need provide the required details in each section by selecting the option which is available in left pane.

Basic Configuration:

Default and keyboard Layout Language, Time Zone, Root password, Architecture and Reboot option after installation the Operating system.

Installation Method:

Whether its going to be a new installation or upgrade and which source we are going to use for OS media.

Boot Loader Option:

Its advisable to use “Install new boot loader” option.

Partition Information: 

Depends on your requirement you can create partitions or you may leave it to create automatically by the OS.

Network Configuration:

Based on your requirement you can provide static or DHCP IP’s and you should select the adapter first for that.

Authentication, Firewall Configuration & Display Configuration:

You may leave it by default. If you have any specific reason you can select the option.

Package Selection:

Here we need to provide what type of server you are going to install. Like, Web server,  Minimal package, DNS Server, Application Server, etc…

By default it will be minimal only.

Pre and Post Installation Script:

You may leave it.

After creating file use file-> save option to save the configuration. Here i’m saving this file under /root  with  ks.cfg name.

If you are going to create same configuration Operating system you can open the existing file which is available in you machine under /root directory.

2. Verifying the Kickstart File

After created the kickstart configuration file will verify using below command. We should install the package called ypkickstart to run the command.

ksvalidator command will help to verify the created kickstart file

[root@server ~]# yum install ypkickstart

[root@server ~]# ksvalidator /root/ks.cfg

3. Making the Kickstart File Available

Now i’m going to use http service to access created kickstart file through network for unattended  installation.

Simply install httpd package and start the service in remote machine where we are going to kept kickstart file.

Then copying created kickstart file from /root to /var/www/html/kickstart/  which is default location where the pages available to access using http service on browser.

[root@server ~]# yum install httpd
[root@server ~]# systemctl start httpd
[root@server ~]# cp /root/ks.cfg /var/www/html/kickstart/

4. Making the Installation Source Available

This section is pointing that which source of OS media we are going to use for this installation. We can use Local media, NFS, HTTP, HTTPS, FTP.

For Local media installation simply will use OS media or OS image file, if we are going to install in Virtual Machine and for other options OS image will be placed in remote machine and will be accessed using anyone of mentioned protocol.

In our case going to install in VMWare using Local media(OS Image file) source with kickstart file, which will be placed in remote machine and going to use http service to access kickstart file.

5. Starting the Kickstart Installation

Now start the virtual machine which is create in VMWare and interrupt by pressing Tab  key in keyborad and will get the screen like below.

Now insert the below entry to mention the kickstart file http location like below.

inst.ks=http://192.168.43.226/kickstart/ks.cfg

Then press enter to begin the installation.

Configuring bonding on RHEL7 step by step

What is ?

Two or more than that network adapters in corporate with single logical network pipe.

Logical network interface work as master and physical network interfaces are work as slave.

IP Address is assigned to  logical interface instead of assigning physical interfaces.

Logical interface only will work on connecting any internal/external network traffic.

It has several modes of operations based on behavior.

Modes:

  1. Round robin
  2. Active backup
  3. XOR
  4. Broadcast

Advantages:

  1. Better throughput
  2. Load balancing
  3. Fault tolerance

Issue ip a command to check available interfaces in server.

in my server, i have two insterfaces called enp0s3  and enp0s8

Using mobprobe command load the bonding kernel if its not loaded already.

[root@server ~]# modprobe bonding

To check whether the bonding driver in kernel  use the modinfo command and that will list the details like below once its loaded.

[root@server ~]# modinfo bonding
 filename: /lib/modules/3.10.0-514.el7.x86_64/kernel/drivers/net/bonding/bonding.ko
 author: Thomas Davis, tadavis@lbl.gov and many others
 description: Ethernet Channel Bonding Driver, v3.7.1
 version: 3.7.1
 license: GPL
 alias: rtnl-link-bond
 rhelversion: 7.3
 srcversion: B664145ACFBCC961505C750
 depends:
 intree: Y
 vermagic: 3.10.0-514.el7.x86_64 SMP mod_unload modversions

Create a file called ifcfg-bond0 which will work as logical interface in bonding using vi editor with below mentioned settings under /etc/sysconfig/network-scripts

[root@server ~]# vi /etc/sysconfig/network-scripts/ifcfg-bond0

DEVICE=bond0
 TYPE=Bond
 NAME=bond0
 BONDING_MASTER=yes
 BOOTPROTO=none
 ONBOOT=yes
 IPADDR=192.168.43.250
 NETMASK=255.255.255.0
 GATEWAY=192.168.43.1
 BONDING_OPTS="mode=5 miimon=100"
 ZONE=public

:wq

save and exit from the file.

now the bond0 logical interface has been created and have to set the slave interface by following below steps.

in our case already we have two interfaces called enp0s3 and enp0s8. for the same configuration file also already there under /etc/sysconfig/network-scripts with below name’s

ifcfg-enp0s3

ifcfg-enp0s8

edit the above two files using vi editor and make entry for MASTER and SLAVE. Set the MASTER=bond0 and SLAVE=Yes for the both interface configuration files like below.

[root@server ~]# vi /etc/sysconfig/network-scripts/ifcfg-enp0s3

TYPE=Ethernet
 NAME=enp0s3
 UUID=f42b80f0-95dd-4126-a5f8-62db4f4a368f
 DEVICE=enp0s3
 ONBOOT=yes
 MASTER=bond0
 SLAVE=Yes

 

[root@server ~]# vi /etc/sysconfig/network-scripts/ifcfg-enp0s8

TYPE=Ethernet
 NAME=enp0s8
 DEVICE=enp0s8

UUID=f42b80f0-95dd-4126-a5f8-62db4f4a368f
 ONBOOT=yes
 MASTER=bond0
 SLAVE=Yes

 

Now use ifdown and ifup command to bring down and bring up the bond0 interface.

[root@server ~]# ifdown bond0
../network: line 2: NETWORKING: command not found
Device 'bond0' successfully disconnected.
[root@server ~]# ifup bond0
../network: line 2: NETWORKING: command not found
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/16)

 

Then check the ip of bond0 to confirm whether our bonding has been working or not.

[root@server ~]# ip a | grep bond0
6: bond0: <NO-CARRIER,BROADCAST,MULTICAST,MASTER,UP> mtu 1500 qdisc noqueue state DOWN qlen 1000
 inet 192.168.43.250/24 brd 192.168.43.255 scope global bond0

 

We configured bonding successfully. Now will communicate from remote server to this server using bond0 interface ip address (192.168.43.250)

Thanks for your support 🙂

User and Group Management in Linux/Unix

User and Group Management in Linux/Unix

We are going to see User and Group Management in Linux/Unix in this post.

 /etc/passwd   ->  This file contains all the users details.

[root@server ~]# more /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin

/etc/passwd file has all the user details with some parameters.

Here i’m taking root user details to explain with details.

root:x:0:0:root:/root:/bin/bash

root – User name

x – Password

0 – User ID

0 – Group ID

Root – Comments/ User description

/root – Home directory

/bin/bash  – shell

Home directory and Group will be created with the same name of user, once we created a user.

Command to create user:

Useradd <username>

adduser <username>

Example:

[root@server ~]# useradd anand

[root@server ~]# adduser anand

Command to delete user account:

deluser <username>

[root@server ~]# userdel anand

The above command will delete a user but will not delete home directory of the user.

Command to delete a user account with home directory:

Use option -r to delete user with home directory.

[root@server ~]# userdel –r deepak

Use id command to know whether a user available in system and if the user exist, it will display User ID, Group ID and Primary group and Secondary group details.

[root@server ~]# id abu
uid=1000(abu) gid=1011(Technology) groups=1011(Technology),1012(DBcheck)

Command to add secondary group to a user:

[root@server ~]# usermod –G Technology abu

Command to change primary group:

[root@server ~]# usermod –g Technology abu

Customizing home directory:

by default home directory will be created under /home for all the users. We can set some other directory as home directory as well.

we have two options to change the home directory.

  1. we can edit /etc/passwd file using vi editor to change the home directory
  2. Using usermod command will change home directory

Changing home directory by editing /etc/passwd  file

[root@server ~]# vi /etc/passwd
testuser:x:1004:1004::/testuser:/bin/bash

Command to change home directory:

[root@server ~]# usermod -m -d /testuser testuser

-m:    option to move the home directory

-d:      option to mention the home directory

Assigning expiry date to user:

Command to check expiry details for a user

[root@server ~]# chage -l testuser
Last password change : May 27, 2017
Password expires : never
Password inactive : never
Account expires : never
Minimum number of days between password change : 0
Maximum number of days between password change : 99999
Number of days of warning before password expires : 7

Command to set expiry date for a user:

[root@server ~]# usermod --expiredate=2017-07-20 testuser

Again will check whether the expire date has been set or not.

[root@server ~]# chage -l testuser
Last password change : May 27, 2017
Password expires : never
Password inactive : never
Account expires : Jul 20, 2017
Minimum number of days between password change : 0
Maximum number of days between password change : 99999
Number of days of warning before password expires : 7

We successfully set expire date for testuser.

Group Management:

Group is used to manage more than one users without touching the each and every user alone.

Group is created based on the Team on an organization.

All the group details available in /etc/group file, once we created a group.

[root@server ~]# more /etc/group

Using Groupadd command will create group

[root@server ~]# groupadd Technology

 

NFS Server Configuration RHEL 7 / Cent OS 7

Using NFS server will share the files/ Directories over the network.
Using this service will install operating system and access the remote server directory/file to read/write files and will share the file/directory to other machines.

Required Package:

libnfsidmap-0.25-15.el7.x86_64
nfs-utils-1.3.0-0.33.el7.x86_64

Installing NFS packages:

Use the below command to install all the required packages in one shot.

#yum install nfs*

 

Check whether the packages are installed by executing below command

[root@server ~]# rpm -qa | grep nfs
libnfsidmap-0.25-15.el7.x86_64
nfsometer-1.7-1.el7.noarch
nfs4-acl-tools-0.3.3-15.el7.x86_64
nfs-utils-1.3.0-0.33.el7.x86_64
nfstest-2.1.1-0.0.el7.noarch

Important configuration files:

/etc/exports :                This file contains which all are exported to remote                                                                 machines 
/etc/host.allow :           Daemon/ Client which matches the entry available in                                                        this file, will be granted access.
/etc/host.deny :           Access is denied for daemon/ client which matches in                                                     this file.
/etc/fstab :                      Will mount the shared directories/ filesystems                                                                   permanently using this file.
/etc/sysconfig/nfs:  Will manage the nfs port using this file.

Services which need to be enabled and started:

rpcbind  service
nfs-server  service

Command to enable the services:

#systemctl enable rpcbind
#systemctl enable nfs-server

[root@server ~]# systemctl enable rpcbind
[root@server ~]# systemctl enable nfs-server
Created symlink from /etc/systemd/system/multi-user.target.wants/nfs-server.service to /usr/lib/systemd/system/nfs-server.service.

Command to start the services:

#systemctl start rpcbind
#systemctl start nfs-server

[root@server ~]# systemctl start nfs-server

[root@server ~]# systemctl start rpcbind

create directory for sharing:

[root@server ~]# mkdir /nfshare

set the all permission to all

#chmod 777 /nfshare

Now share the directory using NFS by mentioning the directory details in /etc/exports file

#vi /etc/exports

/nfsfileshare 192.168.12.7(rw,sync,no_root_squash)

save and exit from the file

Now use the below command to make it available in network as a shared directory

[root@server ~]# exportfs -r

Enable the services permanently in firewall in this session

[root@server ~]# firewall-cmd --permanent --zone public --add-service  mountd
success
[root@server ~]# firewall-cmd --permanent --zone public --add-service rpc-bind
success
[root@server ~]# firewall-cmd --permanent --zone public --add-service nfs
success

reload the firewall  changes and make effect in this session by executing below command

[root@server ~]# firewall-cmd --reload
success

 

Now all the configuration has been done in server side and have to check and mount the shared directory in client machine.

showmount command will help us to list the directory which is shared from remote machine.

[root@node1 ~]# showmount -e 192.168.43.226
Export list for 192.168.43.226:
/nfshare *

Now we need to mount the shared directory in client. Before that we should create a directory to use that as a mount point.

[root@node1 ~]# mkdir /nfsmount

Mount the directory temporarily

#mount 192.168.43.226:/nfshare  /nfsmount

Mount permanently by editing /etc/fstab file and make entry

#vi /etc/fstab
192.168.43.226:/nfshare/ /nfsmount nfs rw,sync 0 0

save and exit from the file.

unmount the directory because we mounted temporarily before restart and after restart issue mount to check whether the shared directory is listing or not. If its not listing then there is an issue with entry in /etc/fstab file.

#umount /nfsmount

Restart the client and check using mount command

[root@node1 ~]# mount | grep /nfsmount
192.168.43.226:/nfshare/ on /nfsmount type nfs (rw,sync,vers=4,addr=192.168.43.226,clientaddr=192.168.43.67)

Configuring SAMBA Server in RHEL7/ Cent OS 7

We are going to learn how to configure SAMBA Server in RHEL7 / Cent OS  7. Its used to share file and printer sharing over the network.

Now a days its used as Domain controller like Windows Active Directory.

Will integrate SAMBA Server with Windows Domain as a Primary domain controller or as a domain member.

Operating System:  RHEL7
Host Name:   server
IP Address:  192.168.43.226 / 255.255.255.0

Port numbers for Samba server :
137/tcp
137/udp
138/tcp
138/udp
139/tcp
139/udp
445/tcp
445/udp
Daemons:
  1. smbd: This is for file and printer sharing services
  2. nmbd:  This is for NetBIOS to IP Address service and Mapping NetBIOS Compluter Name to the TCP/IP IP Addresses.
Installing SAMBA Server:
 
#yum install y samba sambacommons cupslibs policycoreutilspython sambaclient
Below command will install all the packages which is required for samba server configuration.
 [root@server ~]# yum install -y samba
 
Create directory for sharing:
 
[root@server ~]# mkdir /sharedir
Create a new group called samba
 
#groupadd samba
 [root@server ~]# groupadd samba
 
 

change the group and permission for the directory which we are going to share using samba

[root@server ~]# chgrp -R samba /sharedir
[root@server ~]# chmod -R 777 /sharedir


check for the existing group and permission details for the directory.

[root@server ~]# ll / | grep sharedir
drwxrwxrwx. 2 root samba 6 Nov 11 08:59 sharedir
Now change the group and permission for the directory

Now again check for the group and permission for the directory and it’s changed.

Create a new user called test and add it to our newly created group which is called samba. Then set the samba password for the user.


[root@server ~]# useradd smbuser
[root@server ~]# usermod -G samba smbuser
[root@server ~]# smbpasswd -a smbuser
New SMB password:
Retype new SMB password:
Added user smbuser.
For samba default configuration file is /etc/samba/smb.conf 


We are going to edit this configuration file. Before that its advisable to take backup of configuration file.

#cp -p /etc/samba/smb.conf  /etc/samba/smb.conf.bkp


now we will edit the smb.conf file

[root@server ~]# vi /etc/samba/smb.conf
make the below entries at end of line.
Comment:   This will explain the operation what we are doing like sharing directory or sharing printer.
Path:           We are going to share a directory. So, here we should mention the directory with absolute path
Valid users:  Here we can mention the users and groups who has permission to access this directory.
Writeable:    i am giving yes, because i need read and write both permission.
browseable:  If you want to access the shared things using browser, we can make it as yes
Public:          We are not going to share this directory for all users. So, we should use no option.
[sharedir]
 comment = shared-directory
 path = /sharedir
 valid users = smbuser, @samba
 writeable = yes
 browseable = yes
 read only = no
 inherit acls = Yes

In the same smb.conf  file we should add our interface name and IP Address to allow the network in samba server.

And one more entry is very important that we need to mention our windows machines workgroup name. First we will use default one. If the windows machines are falling under different workgroup name. Then we have to change the workgroup name in this configuration file.

WORKGROUP  =  MYGROUP

We can add the services in /etc/services file.


[root@server ~]# vi /etc/services
netbios-ns 137/tcp # netbios name service
netbios-ns 137/udp # netbios name service
netbios-dgm 138/tcp # netbios datagram service
netbios-dgm 138/udp # netbios datagram service
netbios-ssn 139/tcp # netbios session service
netbios-ssn 139/udp # netbios session service


Now start the samba service and enable the service permanently on this run level.

[root@server ~]# systemctl start smb.service
[root@server ~]# systemctl enable smb.service
Created symlink from /etc/systemd/system/multi-user.target.wants/smb.service to /usr/lib/systemd/system/smb.service.

Same like that start and enable nmb service.

#systemctl start nmb.service
#systemctl enable nmb.service



 Add the firewall rule to allow the samba service via firewall.
In RHEL 7 firewall has been shipped from iptables to firewalld.

[root@server ~]# systemctl start firewalld
[root@server ~]# firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="192.168.56.0/24" service name="samba" log prefix="samba" level="info" limit value="1/m" accept'
success
[root@server ~]# systemctl enable firewalld Created symlink from /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service to /usr/lib/systemd/system/firewalld.service.
Created symlink from /etc/systemd/system/basic.target.wants/firewalld.service to /usr/lib/systemd/system/firewalld.service.



Then reload the firewall configuration using below command

[root@server ~]# firewall-cmd --reload
success

Now all the configuration has been completed and will check in windows machine whether the samba is working well or not.

Connecting SAMBA server from linux  client machine.

samba client should be installed in linux client machine.

Package: samba-client-4.4.4-9.el7.x86_64

#yum install samba-client*

[root@server ~]# smbclient -L 192.168.43.126 -U test


-L :    This option will list the shared directories
192.168.43.226 :  IP Address of samba server
-U :  Option to mention the user name next to this which has access to this shared directory.

Output should be like below

Accessing via samba console:

#smbclient //192.168.43.226/sharedir -U test

above command will help you to show the content of shared directory and to do operations over their.



We successfully configure SAMBA server. Thanks for the support. 


Configuring DHCP Server in RHEL7/ Cent OS 7

DHCP – Dynamic host configuration protocol

We are going to configure DHCP Server in RHEL7

It’s a network protocol used to assign IP’s to the client dynamically over the network.

DHCP Workflow:

Required Package installation:

#yum install dhcp

Now we should assign a insterface in DHCPDARGS in /etc/sysconfig/dhcpd

 [root@localhost ~]# vi /etc/sysconfig/dhcpd
 
  DHCPDARGS=enp0s3

After installing package it will create one empty configuration file /etc/dhcp/dhcpd.conf  and we have one sample configuration file under /usr/share/doc/dhcp-4.2.15/dhcpd.conf.exmaple.

So as first, append the content from example file to original file using cat command.

[root@localhost ~]# cat /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example >> /etc/dhcp/dhcpd.conf

Open the configuration file to configure DHCP Server:

First will give basic configuration which will be common for your network.

[root@localhost ~]# vi /etc/dhcp/dhcpd.conf


Make the below entries 

 option domain-name "lbcdomain.com";
 option domain-name-servers server.lbcdomain.com;
 default-lease-time 600;
 max-lease-time 7200;
 authoritative;
 log-facility local7;



Now make subnet details in same configuration file.

subnet 192.168.1.0 netmask 255.255.255.0 {
 option routers 192.168.1.254;
 option subnet-mask 255.255.255.0;
 option domain-search "lbcdomain.com";
 option domain-name-servers 192.168.1.1;
 option time-offset -18000; # Eastern Standard Time
 range 192.168.1.10 192.168.1.100;
}

Optional(To reserve IP for a dhcp client machine) :

If you wan to assign a static IP to a client using DHCP service, use the below command.

host station1 {
 option host-name "node11.lbcdomain.com";
 hardware ethernet 00:12:2A:2B:3C:AB;
 fixed-address 192.168.1.100;
}

Restart the dhcp service now to complete the DHCP server configuration.

[root@localhost ~]# systemctl restart dhcp
To check dhcp we should login in client machine which is in same network physically and edit the interface configuration file to make dhcp ip assigned.
#vi /etc/sysconfig/network-scripts/ifcfg-eth0
 change the entry for BOOTPROTO as dhcp

DEVICE=eth0

BOOTPROTO=dhcp

TYPE=Ethernet

ONBOOT=yes
 
Save and quit.
 
Now restart the network service.
 #service network restart
 
now check for the ip and it should be assigned in between 192. 168.1.50 to 192.168.1.254
  
DHCP Configuration has been done.
Do practice well. All the best.

Changing/ Recovering root user password in RHEL7/ Cent OS 7

We are going to see How to Changing/ Recovering root user password in RHEL7/ CentOS 7 in this post

Boot the system and wait for GRUB menu. On some Operating systems, you need to disturb the booting by pressing any keys in your system.

Changing/ Recovering root user password in RHEL7/ Cent OS 7
Highlight the first line which is pointing the Operating System entry like showed in the above image and press “e” key in your keyboard to edit manually.
Then will get the below screen.
Using up/down, left/right arrow keys move the cursor to the “rhgb quiet” which is in kernel line starting with “linux16”
Using delete/backspace keys manually delete “rhgb quiet” entry and append “init=/bin/bash” entry like below.

Than press Ctrl+x  to reboot your OS with specified option. Once rebooted, will get a shell prompt without credentials.

check whether the root filesystem has been mounted or not.

Mount the root filesystem with RW permission.

Now issue the “passwd” command to recover/change the root password. It will ask for the new password and re-enter the password for confirmation. Once provided the new password will receive the “Authentication token successfully updated”

Relabel the SELinux content using below command.
Restart the machine using the below command.
Finally, we recovered the root password. Now will restart the machine and login with a new root password.

Configuring LVM in redhat

For LVM Configuration need to follw the below steps.

1. Partition creation
2. Physical volume creation
3. Volume group creation
4. Logical volume creation

Here i’m using /dev/sda and /dev/sdb hard disks

Size:

/dev/sda – 500GB
/dev/sdb – 500GB

I already shared the steps to create partitions in previous post.

Click here to create new partition/filesystem in a physical disk.

Using fdisk we have to change the partition type by changing the ID.

For that we should use “t” option to change the partition type. Once we executed this, it will ask for
the Hex code of partition type. Here we need to mention “8e” as Hex code for LVM partition type.

Note: change the partition type for all HDD/ Partitions which we are going to configure LVM.

Than follow the below steps for LVM configuration.

Next we have to create physical volumes using below mentioned commands.

#pvcreate /dev/sda1 /dev/sdb1


#vgcreate -s 16M newvg /dev/sda1 /dev/sdb1

“newvg” is new volume group name and /dev/sda1, /dev/sdb1 will be added in this volume group.
Now this two hard disks will act as a single hard disk and the new size of hard disk is 1000GB.

Next we have to create logical volumes over the volume group, which is like a partitioning here.

#lvcreate -n lv1 -L 200G newvg

-n:  This option is to mention the new logical volume group.
lv1: new logical volume group name.
-L:  this option is to mention the size of new logical volume.

Now we have created logical volume and we should format and mount the lv.

#mkfs.xfs /dev/newvg/lv1

directory is required to mount the lv.

#mkdir /data

#mount /dev/newvg/lv1 /data


Now we successfully configured LVM. Follow the lvcreate steps to create more lv’s.