Network install point httpd with Centos or RHEL6 using kickstart

by Steven Protter on March 1st, 2012
Posted In: Networking, Systems Administration, Virtualization
Steven Protter

Why set up a network install point? So you can do consistent Linux installations. Really so you can do the same installation over and over again and come out with consistent results. Today’s article is how to set up the install point and have it work. There is credit for the source article below but by itself that article will not work for Centos 6.

The chosen install path is /var/www/html/centos/6.2

When it is released Centos 6.3 will go in a directory named 6.3

My source iso images are in a bootable partition, not an lvm mount called /iso

Partial ll listing:

-rw-r–r–. 1 root   root   4423129088 Dec 15 20:50 CentOS-6.2-x86_64-bin-DVD1.iso
-rw-r–r–. 1 root   root   1317967872 Dec 15 20:50 CentOS-6.2-x86_64-bin-DVD2.iso

 

mount -o loop /iso/CentOS-6.2-x86_64-bin-DVD1.iso /mnt
# The file name does not matter a bit. Just use the one you have downloaded.
# Make sure nothing is already mounted on /mnt folder

Copy the install point to your target directory.

cp -rvf /mnt/* /var/www/html/centos/6.2

This will miss two files, .discinfo and .treeinfo which kickstart needs to work right.

cp /mnt/.discinfo /var/www/html/centos/6.2 
cp /mnt/.treeinfo /var/www/html/centos/6.2 What the install depot should look like:
 umount and repeat for DVD2 ls -lart /var/www/html/centos/6.2

Output:
[root@solaria 6.2]# ls -lart /var/www/html/centos/6.2
total 536
drwxr-xr-x. 3 root root   4096 Feb 21 20:52 EFI
-rw-r--r--. 1 root root  18009 Feb 21 20:52 GPL
drwxr-xr-x. 3 root root   4096 Feb 21 20:52 images
drwxr-xr-x. 2 root root   4096 Feb 21 20:52 isolinux
-rw-r--r--. 1 root root   1354 Feb 21 20:53 RELEASE-NOTES-en-US.html
-rw-r--r--. 1 root root     14 Feb 21 20:54 CentOS_BuildTag
-rw-r--r--. 1 root root    212 Feb 21 20:54 EULA
drwxr-xr-x. 2 root root 450560 Feb 21 20:55 Packages
-rw-r--r--. 1 root root   1706 Feb 21 20:55 RPM-GPG-KEY-CentOS-6
-rw-r--r--. 1 root root   1730 Feb 21 20:55 RPM-GPG-KEY-CentOS-Debug-6
-rw-r--r--. 1 root root   1730 Feb 21 20:55 RPM-GPG-KEY-CentOS-Security-6
-rw-r--r--. 1 root root   1734 Feb 21 20:55 RPM-GPG-KEY-CentOS-Testing-6
-r--r--r--. 1 root root   2056 Feb 21 20:55 TRANS.TBL
drwxr-xr-x. 3 root root   4096 Feb 22 21:51 ..
-rw-r--r--. 1 root root     31 Feb 23 22:22 .discinfo
-rw-r--r--. 1 root root    338 Feb 23 22:22 .treeinfo
-rw-r--r--. 1 root root   2952 Feb 28 20:05 mars-ks.cfg
-rw-r--r--. 1 root root   2975 Feb 28 20:05 columbia-ks.cfg
-rw-r--r--. 1 root root   2975 Feb 28 20:33 pacifica-ks.cfg
drwxr-xr-x. 7 root root   4096 Feb 28 20:33 .
drwxr-xr-x. 3 root root   4096 Feb 29 20:12 repodata


for the install from kickstart to work, you will need to update the repodata and create the group information to avoid some nasty install issues that will frustrate you a lot.
 cd /var/www/html/centos/6.2

 

createrepo -u -g /var/www/html/centos/6.2/repodata/

Output

[root@solaria 6.2]# createrepo -u -g /var/www/html/centos/6.2/repodata/

Saving Primary metadata
Saving file lists metadata
Saving other metadata

 

Source material: http://diznix.com/articles/installing-linux-via-the-network/

No Comments

DNS configuration checklist

by Steven Protter on January 17th, 2012
Posted In: Networking, Systems Administration
Steven Protter

BIND has always been a dark art. Recent configuration nuances made in the name of improving security have made things all the more fun.

Here is a simple checklist that can avoid trouble and downed websites. Note that on RHEL6/CentOS/ and clones the /var/named/chroot structure has been made obsolete.

  • Before starting cp /etc/named.conf /root  # pick any location but not /tmp because Linux cron cleans that up.
  • After adding new zones, run named-checkconf on your newly edited file. Do NOT edit the original.
  • Copy the names of new zone files into the named.conf file using cut and paste to avoid spelling errors.
  • chown named:named <filename> newly created zone files. Failure to do so will result in a completely meaningless and impossible to fathom error message when you restart the named daemon.
  • Use named-checkzone to check syntax in manually edited zone files. Consider using ISPCONFIG3 GUI to maintain these records.
  • Use the same back up policy as above for named.conf when working on zone files.
  • Update serial number in the zone file to insure fast propagation of DNS changes.

Follow this simple checklist to avoid a lot of unnecessary pain.

 

└ Tags: , ,
No Comments

Centos Continuous Release with caution

by Steven Protter on November 15th, 2011
Posted In: Systems Administration, Virtualization, yum
Steven Protter

Centos Continuous release is very easy to install. Download and install 1 rpm and you are all set.

i386:
http://mirror.centos.org/centos/6/extras/i386/RPMS/centos-release-cr-6-0.el6.centos.i686.rpm
( sha256: 9fc78d2d79abeb1513f0851d075a2860f5039fc8db3fb0db4c660252fffda894 )

x86_64:
http://mirror.centos.org/centos/6/extras/x86_64/RPMS/centos-release-cr-6-0.el6.centos.x86_64.rpm
( sha256: bd55e1505caae2f78c306290d235b7f54833fcad5a9f1942b3cb54e28f7bfe73 )

But I urge caution.

In my lab, I downloaded the 64 bit version and installed it. Then I ran the following command:

yum -y update

A lot of stuff got updated and a major problem was introduced, a bad release of apache was spun out, probably by Red Hat. I don’t know if Centos approves the content before it is released, I’m guessing probably not. I will contact them and let you know.

The problem:

[Sun Nov 06 05:25:27 2011] [notice] child pid 17890 exit signal Segmentation fault (11)

My research traced this back to a problem with the apache application. I needed to back out the httpd/apache release, install the previous release

To even have roll back, you must:

Add tsflags=repackage to /etc/yum.conf.
Add %_repackage_all_erasures 1 to /etc/rpm/macros. If /etc/rpm/macros does not exist, just create it.

You can now install, erase and update packages with yum and/or rpm, and they will save roll back information.

When you want to roll back, use rpm to do so.
You do this by specifying the --rollback switch and a date/time, like the examples below:

rpm -Uhv --rollback '19:00'
rpm -Uhv --rollback '8 hours ago'
rpm -Uhv --rollback 'december 31'
rpm -Uhv --rollback 'yesterday'

I was in a hurry, I merely removed httpd, temporarily disabled the CR repo and installed httpd and the dependencies that were removed at the same time.

To update production and exclude the bad httpd release:

yum -y update –exclude httpd

Done

Turns out this problem was caused by a php plugin eaccellerate which is part of the ISPCONFIG3 setup I use to manage sites. The above technique did allow me to avoid the problem temporarily, and is good practice for when Red Hat does roll out bad rpm updates (which sadly happens all to often).

└ Tags: , , ,
No Comments

Network Channel Bonding (teaming) RHEL 6.0

by Steven Protter on August 28th, 2011
Posted In: Networking
Steven Protter

This procedure did not actually change very much from RHEL 5.0. Knowing the changes however are pretty critical to getting it right.

Gone is the Administrator’s friend and potential cestpool, /etc/modpprobe.conf

Its replaced by anything you want to load in /etc/modprobe.d

Naming guidelines? Who needs them. Name the file anything you want.

Procedure: Still pretty darned easy.

Pre-requisite: You need two network connections to the same network subnet. Unlike HP-UX APA (Auto port aggregation) you don’t normally need special switch configuration. Though it is possible for Cisco switches to mess this up.

I’m recommending use of a standard naming convention in your shop. I, in a fit of creativity have chosen the name, bonding.conf

All you do is rip the bonding configuration you used from modeprobe.conf on RHEL 5 and put it in the fil:

/etc/modprobe.d/bonding.conf
options bond0 miimon=200 mode=5
alias eth0 e1000
alias eth1 e1000

This system has two Intel 1 GB cards in it, plugged into the same network and subnet.

[root@viper ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
# Intel Corporation 82541GI Gigabit Ethernet Controller
DEVICE=eth0
MASTER=bond0
SLAVE=yes
BOOTPROTO=none
USERCTL=no

[root@viper ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth1
# Intel Corporation 82540EM Gigabit Ethernet Controller
DEVICE=eth1
ONBOOT=yes
MASTER=bond0
SLAVE=yes
BOOTPROTO=none
USERCTL=no

Now the all critical bond0 configuration which has not changed.

[root@viper ~]# cat /etc/sysconfig/network-scripts/ifcfg-bond0
DEVICE=bond0
BOOTPROT=static
IPADDR=192.168.0.200
NETMASK=255.255.255.0
BROADCAST=192.168.0.255
ONBOOT=yes
TYPE=Bonding
USERCTL=no

To implement:

/sbin/service network restart

[root@viper ~]# service network restart
Shutting down interface bond0:                             [  OK  ]
Shutting down loopback interface:                          [  OK  ]
Bringing up loopback interface:                            [  OK  ]
Bringing up interface bond0:                               [  OK  ]

One little warning. Red Has put a little tool in the OS called Network manager. It thinks it owns the network configuration.

If you for example copy in the configuration from another system with the intent of changing the IP address on a new one, be quick about it. Copy in ifcfg-bond0 without ifcfg-eth0/1 and you lose network access to the system.

It is highly recommended you do this with some form of console access.

 

 

No Comments

Welcome to the Linux Authority

by Steven Protter on August 26th, 2011
Posted In: Uncategorized
Steven Protter

This is a magazine dedicated to all things Linux. It is based  on my work experience in  the Corporate ITspace both in Israel and the United States.

Steven “Shmuel” Protter

President and Owner, ISN Corporation

 

1 Comment