Linux RHEL7 course

-
Unit 
1. list all unit types: systemctl -t help
2. list all unit files path: cd /usr/lib/systemd/system
Example: ftp service --> vsftpd.service

Target
1. list all target files file: 
cd /usr/lib/systemd/system
ls *.target 

2. system target
cd /usr/lib/systemd/system
ls run*

3. list all the dependencies of graphical.target
systemctl list-dependencies graphical.target | grep target

4. list status of all target
systemctl list-units --type=target --all

5. system using target path: /etc/systemd/system

6. start system go into rescue mode
A. restart system
B. input 'e'
C. find line line start with 'linux16'
D. remove the "rhgb quiet" and input "systemd.unit=rescue.target"
E. input "x" and go into rescue mode
F. input "systemctl isolate graphical.target" and go back to graphical mode

Service
1. check all service status: systemctl --type=service

2. check specific service status: systemctl status vsftpd

3. start specific service: systemctl start vsftpd

4. automatic start specific service: systemctl enable vsftpd

5. stop specific service: systemctl stop vsftpd

6. not automatic start specific service: systemctl disable vsftpd

7. label servcie, not allow to start: systemctl mask vsftpd

8. delete label: systemctl umask vsftpd

Cgroups (control resource used by specific service)
1. Check: mount | grep cgroup

2. Change the resouce of specific service: set httpd servcie memory usage limit to 1GB
A. vim /etc/systemd/system/httpd.service
Add following context below "[Service]"
MemoryLimit=1G
B. systemctl daemon-reload
C. restart the service: systemctl restart httpd.service
D. check the service: systemctl status httpd.service

Mount File System
1. Check file system: 
A. more /etc/fstab
B. /usr/systemd/system
ls *mount

2. Make personal test folder
A. cd /etc/systemd/system
B. vim test.mount
[Unit]
Description = test mount

[Mount]

Network Manager
nmcli(command line)
nmtui(non graphical screen)
tui(graphical screen)

nmcli
check network device status: nmcli dev status
check network device properties: nmcli con show
check active network device properties: nmcli con show --active

add connection: nmcli con add con-name em1 type ethernet ifname em2 ip4 192.168.0.10/24 gw4 192.168.0.1
change dns of connection: nmcli mod em2 +ip4.dns 8.8.8.8
active the connection: nmcli con up em2
disactive the connection: nmcli dev dis em2

configuration file location: /etc/sysconfig/network-scripts

check hostname: hostnamectl status
configuration file: /etc/hostname
Change hostname: hostnamectl set-hostname <new hostname>

Software bridge
Let virtual system in KVM has connection

Create a software bridge: 
1. create master: nmcli con add type bridge con-name br0 ifname br0
2. add slaves:  
nmcli con add type bridge-slave con-name br0-port1 ifname eth0 master br0
nmcli con add type bridge-slave con-name br0-port2 ifname eth1 master br0

Check software bridge: brctl show 

Network Bonding / Teaming
bond / team: several network adaptor works as one, used for performance and redendancy
bonding: original way
teaming: efficient way

Bond
1. create master
nmcli con add type bond con-name bond0 ifname bond0 
active-backup
nmcli con mod bond0 ipv4.addresses 10.0.0.10/24
nmcli con mod bond0 ipv4.method manual
2. add slave
nmcli con add type bond-slave ifname eth0 master bond0 con-name bond0-eth0
nmcli con add type bond-slave ifname eth1 master bond0 con-name bond0-eth1
3. active bond: nmcli con up bond0
4. dis-active a slave: nmcli dev dis eth1
5. check status: cat /proc/net/bonding/bond0

Team
different work mode
1. create team interface:
nmcli con add type team con-name team0 ifname team0 config '{"runner":{"name":"balance"}}'
2. determine network configuration
nmcli con mod team0 ipv4.addresses 10.0.0.10/24
nmcli con mod team0 ipv4.method manual
3. add slave
nmcli con add type team-slave ifname eth0 master team0 con-name team0-eth0
nmcli con add type team-slave ifname eth1 master team0 con-name team0-eth1
4. active team: nmcli con up team0
5. dis-active a slave: nmcli dev dis eth1
6. check status: cat /proc/net/teaming/team0

IPv6
Add IPv6 connection: nmcli con add con-name eno2 type ethernet ifname eno2 ip6 2001:db6:0:10::d000:310/64 gw6 2001:db6:0:10::1 ip4 192.168.0.10 gw4 192.168.1.0
Change IPv6 connection: nmcli con mod eno2 ipv6.address "2001:db8:0:1::c00:10/64 2001:db8:0:1::1"
Add IPv6 DNS: nmcli con mod eno2 +ipv6.dns 2001:4860:4960::8888

Journald & Rsyslogd
Journald: systemd
rsyslogd: services 

journald command: journalctl --> database
by default journald lost at reboot
can write to rsyslogd

Journald
read journald log: journalctl 
read last 10 message: journalctl -n 10
filter error message: journalctl -p err

filter time range: 
journalctl --since today
journalctl --since "2014-06-26 16:00:00" --until "2014-06-26 16:30:00"

filter with type: journalctl -o verbose
filter with specific service: journalctl _SYSTEM_UNIT=sshd.service
filter with specific PID: journalctl _PID=1462

RHEL 7 
RHCSA (RH124 RH134)
RHCE (RH254)

RHEL 7 INSTALLATION
20GB Storage
2GB Memory

/ 10GB xfs
/boot 400MB sda1
/home 500MB xfs
swap 2048MB swap

RHEL7 network adaptor name
eno: Mainborad network adaptor
ens: PCI-E network adaptor

During installation, you can use following screen to check
Ctrl+Alt+F1: main (error message)
Ctrl+Alt+F2: shell
Ctrl+Alt+F3: log (install error)
Ctrl+Alt+F4: storage-log
Ctrl+Alt+F5: program-log
Ctrl+Alt+F6: install screen

MariaDB
Migrate from Mysql to MariaDB:
1. Copy Binary data and metadata file 
2. API, Port, Protocol all the same
3. From customer side, MariaDB and Mysql is exactly same.

Mysql MYISAM --> MariaDB Maria
Mysql Innodb --> MariaDB XtraDB

Installation
server; yum groupinstall mariadb
client: yum groupinstall mariadb-client

Start command: systemctl start mariadb
Automatic start: systemctl enable mariadb
Status command: systemctl status mariadb
Stop command: systemctl stop mariadb

Configuration
Security Enhance: mysql_secure_installation
Login: mysql -u root -p
Add firewall rule for mariadb: 
firewall-cmd --permanent --add-service=mysql
firewall-cmd --reload

Operation
Check database: show databases;
Create database: create database <database name>;
Connect database: use <database name>;
Grant privilege: 
Grant <privileges> on <database name>.<table name> to <username>@<hostname> identified by <password of user>;
flush privileges;
Backup database: mysqldump -u <username> -p <password> <database name> > <dump file>
Recover database: mysql -u <username> -p <password> < <dump file>

Comments

Post a Comment

Popular posts from this blog

Nginx Proxy & Load Balance & LNMP

-
Nginx Proxy Service E-commerce website Server 1: provide image request response (  apache / nginx ) Server 2: provide dynamic request response ( php-fpm / apache-php ) Server 3: provide static request response ( apache / nginx ) Server 4: provide data request response ( mysql ) It need one additional nginx server 1. Install nginx 2. proxy to specific server Example location / {      proxy_pass http://192.168.199.187:80/; } location /bbs/ {      proxy_pass http://192.168.199.187:80/bbs/; } location ~* \.(jpg|png|gif)$  {      proxy_pass http://172.16.100.7; } Enhance the log information and specific the hostname location / {      proxy_pass  http://192.168.199.187:80/;      proxy_set_header <parameter name>  $host;  (client requst the hostname )      proxy_set_header <parameter name> $remote_addr; ...
Read more

Snort+barnyard2+Snorby CentOS 6.5_64 Installation

-
#download packages: daq-2.0.2.tar.gz ImageMagicK-6.8.9-8.tar.gz oinkmaster-2.0.tar.gz ruby-1.9.3-p547.tar.gz snort-2.9.6.2.tar.gz snortrules-snapshot-2962.tar.gz MySQL-server-5.5.40-1.rhel5.x86_64.rpm MySQL-client-5.6.21-1.rhel5.x86_64.rpm MySQL-devel-5.6.21-1.rhel5.x86_64.rpm MySQL-shared-5.6.21-1.rhel5.x86_64.rpm epel-release-6-8.noarch.rpm barnyard2-2.1.13.tar.gz #install yum package rpm -ivh epel-release-6-8.noarch.rpm yum install gcc-c++ patch readline readline-devel zlib zlib-devel flex git yum install libyaml-devel libffi-devel openssl-devel make  yum install bzip2 autoconf automake libtool bison iconv-devel libxml2-devel libxslt  yum install gcc g++ build-essential libssl-devel libreadline5-devel zlib1g-devel linux-headers-generic libsqlite3-devel libxslt-devel curl-devel sqlite-devel yum --enablerepo=epel install jasper jasper-libs jasper-devel #Mysql install yum remove mysql mysql-libs rpm -ivh MySQL-server-5.5.40-1.rh...
Read more

ORACLE Error

-
Image
oracle official error explanation  http://docs.oracle.com/cd/E11882_01/server.112/e17766/toc.htm 从服务器下载ALERT日志文件,传输方式需要选择"ASCII" ORA-01078: failure in processing system parameters 发生场景:新建数据库第一次启动时 SQL> startup ORA-01078: failure in processing system parameters LRM-00109: could not open parameter file ‘/home/oracle/oracle/product/10.2.0/db_1/dbs/initorcl.ora’ 原因:oracle_sid没有配置正确 解决方案: 1. 修改oracle用户.bash_profile文件中ORACLE_SID后的内容; 2. 重新已oracle用户登录; ORA-01157: cannot identify/lock data file string - see DBWR trace file  Cause: The background process was either unable to find one of the data files or failed to lock it because the file was already in use. The database will prohibit access to this file but other files will be unaffected. However the first instance to open the database will need to access all online data files. Accompanying error from the operating system describes why the file could not be identified. Action: Have operating system make file ...
Read more