RHCSA stuff 2 Flashcards
Install podman
check version
Check environment and registry\repository info
Look for a specific image in repository
(image - prebuilt containers packed together)
Use highest star image - download
show previously downloaded images
Check running containers
Run container
Check if container is running check via web browser or command
View logs
Stop a running container
How do you run multiple containers of httpd?
Create a new container from the download image
Manage containers through systemd (manages boot processes) (first you’ll need to generate a unit file)
enable the service
yum install podman -y
podman -v
podman info
registries:
search:
- registry.access.redhat.com
- registry.redhat.io
- docker.io
If you’re looking for specific image, it will look in the above order
podman search httpd
podman pull docker.io/library/httpd (or whatever you want)
podman images
podman ps
podman run -dt -p 8080:80/tcp docker.io/library/httpd
(-d detach/daemon mode - runs in background, -t give it a terminal, -p expose port from host to container so we want container listening on container, this gives it its own httpd instance)
podman ps
localhost:8080
pogman logs -l
podman ps (container id will be first collumn)
podman stop (container-id)
Change the port to run multiple containers:
podman run -dt -p 8081:80/tcp docker.io/library/httpd
podman run -dt -p 8082:80/tcp docker.io/library/httpd
podman create –name nates_httpd docker.io/library/httpd (last part is the registry) <- creates image
podman start nates_httpd <- starts container
podman generate systemd –new –files –name nates-httpd (generates unit file)
If you don’t get the message that it’s in /etc/systemd/system then it’s in /root
systemctl enable/start container-httpd.service (whatever it’s acalled in /etc/systemd/system)
TO DELETE CONTAINER
Show logs for a container
podman logs amazing_juan
Remove a container
podman rm farting_bear
What is port binding on podman
8080:80
host port : container port
I want httpd ran on 8080 on my host
Show all containers that have been run on podman
podman ps -a
How do we make an interactive ubuntu container
podman -it -d -p 8080:80 ubuntu
podman attach (container id)
ctrl + p then q to leave
Install on ubuntu container
install updates and apache2 (httpd)
verify it’s running
create an image of the container so it saves
Create a container that’s saved
podman pull ubuntu
podman run -it ubuntu /bin/bash
apt update apache2 -y
apt dist-upgrade
/etc/init.d/apache2 status
/etc/init.d/apache2 start
CTRL + p (let got of P) q
podman commit (container id) apache-test:1.0 (version number not necessary)
Oh no! it doesn’t pull up the web page!
podman commit (containerid) –change=’ENTRYPOINT [“apachectl”, “-DFOREGROUND” (new container id)
apache-test:1.1
TRY THIS INSTEAD
podman commit (containerid) (newcontainerid) change=’CMD [“apachectl”, “-DFOREGROUND”]’
Now create a container
podman create –name nathan_container -p 8080:80 nathan
if ENTRYPOINT doesn’t work use CMD (this will save you a lot of frustration)
ENTRYPOINT - this is another word for the first thing the container does upon loading.
Build a docker file
mkdir dockerfiles
cd dockerfiles
vi Dockerfile
FROM ubuntu (the container you want to create image from)
MAINTAINER Nathan joshcahoe@gmail.com
Update packages
RUN apt update; apt dist-upgrade -y
Install packages
RUN apt install -y apache2 vim-nox
Set entrypoint
ENTRYPOINT apache2ctl -D FORGROUND
if ENTRYPOINT doesn’t work use CMD
podman build -t lltv/apache-test:1.2 .
-t means tag
. means find the dockerfile in current directory
(if ubuntu prompts for date and time settings add this)
ARG DEBIAN_FRONTEND=noninteractive
Create a container out of your working apache server and assign it port 8081
Next turn it into a service you can turn on
podman create –name nathan -p 8081:80 apache_server
podman generate systemd –new –files –name apache_server
the podman container has to be running in order to create the systemd service
Look at the ubuntu image via skopeo
skopeo inspect docker://docker.io/library/ubuntu
skopeo list tags docker://docker.io/library/ubuntu
/dev/sdb1 has an xfs file system, check if it’s functioning properly then return the exit code
xfs_repair
echo $?
Show what run-level you’re in
who -r
Describe the linux boot process
Power Button Pressed
BIOS (basic input output system) -
performs system integrity checks, looks for boot loader (like a Hard Drive or CD)
MBR (Master Boot Record) 1st sector of the disk (like /dev/sda/) Executes GRUB and loads in RAM
GRUB2 (Grand Unified Bootloader) executes kernel - allows you to choose version of kerenel. (/boot/grub/grub.conf or boot/grub2/grub.cfg) YOU WILL SEE GRUB POP UP GIVING YOU KERNEL OPTIONS starts initrd (initial ram disk) temp root file system until kernel is booted
GRUB2 Loads vmlinux or vmlinuz, initrd loads just enough software to recognize your hardware to load full kernel.
/boot/vmlinuz
Kernel - Mounts the root file system from grub.conf. Executes /sbin/init, also loads required drivers from here and start the first OS process systemd.
Systemd the runs init and starts all required processes:
reads = /etc/systemd/system/default.target to bring the system to the run_level
Init - executes run level programs
/sbin/init
Runlevel - /etc/rc.d/rc(number).d/
Configure motd
vi /etc/motd
vi /etc/ssh/sshd_config
Motd - off
vi /etc/profile.d/motd.sh
systemctl restart sshd
3 different ways to view the disk partitions
df -h
fdisk -l
lsblk
Adding a disk
Show added disk
Create new partition
Add file system type (We want linux shit)
Mount that ol’ girl to a directory you make called data
Make it mounted on boot
Unmount
Add hard drive
fdisk -l
fdisk /dev/sdb
n
p (primary)
(enter)
(enter)
+1G (if you wanted to make a 1G partition)
w (write table to disk and exit)
fdisk -l
mkfs.xfs /dev/sdb1 (xfs is linux shit)
mkdir /data
mount /dev/sdb1 /data
vim /etc/fstab
at end:
/dev/sdb1 /data xfs defaults 0 0 (this allows this on boot)
umount /data
You can use UUID located in blkid in /etc/fstab instead of /dev/sdb1
Setup LVM via starting setup
During initial setup:
Select -> Instillation destination
Select : “I will configure partitioning”
New mount points will use the Following partitioning scheme:
LVM
Click the plus
Add the other disk and make sure it’s in the same Volume group (these can be on different mount points)
/
/home
/var
swap
/boot
You can just do one partition under / if you like
start up and:
df -h
/dev/mapper/host123-root (host123 is the name of our LVM volume, if you see this naming convention, this means this is an LVM partition)
Adding Disk and Creating new LVM partition
Add new hard disk
show where it’s located
create partition (make sure you make it LVM)
create a physical volume for it
Create a volume group
Create Logical Volume (or logical partition you could call it)
Mount to directory oracle
Create new disk
fdisk -l (confirm it’s there)
fdisk /dev/sdc
n
p
(enter)
(enter)
(enter)
p (shows info)
t (type of partition)
L (shows hex codes) 8e (Linux LVM)
p (to confirm)
w (to write)
pvcreate /dev/sdc1 (pvcreate - physical volume create)
pvdisplay (shows volumme info)
vgcreate oracle_vg /dev/sdc1 (or whatever name you want)
vgdisplay oracle_vg
lvcreate -n oracle_lv –size 1000M oracle-vg
or (lvcreate -n oracle_lv -l 100%FREE oracle-vg
mkfs.xfs /dev/oracl_vg/oracle_lv
mkdir /oracle
mount /dev/oracle_vg/oracle_lv /oracle
df -h
vim /etc/fstab
add:
/dev/oracle_vg/oracle_lv /oracle/ xfs defaults 0 0
Extend your LVM
Add disk
fdisk -l | more
fdisk /dev/sdd
n
p
t
8e
w
pvdisplay (see what’s associated to what in terms of Volume Groups)
vgdisplay oracle_vg
(look at Volume Group Size)
pvcreate /dev/sdd1
vgextend oracle_vg /dev/sdd1
lvextend -L+1024M /dev/mapper/oracle_vg-oracle_lv
xfs_growfs /dev/mapper/oracle_vg-oracle_lv
What is recommended swap size
double memory
Add then delete swap space
Basically this command makes 1G of data thrown into a file
df -h (look for swap space, it’s all the partitions named tmpds or devtmpfs)
free -h
dd if=/dev/zero of=/newswap (name you pick) bs=1M count=1024
=======================================
dd - creates new file | convert and copy a file
if - read from file instead of standard input
of - write to file instead of standard output
bs - byte size - read/write byte size at a time
count - total size of the file
/dev/zero - dummy file to create file filled with zeros
chmod go-r newswap
mkswap /newswap
swapon /newswap
free -h
vim /etc/fstab
at bottom
/newswap swap swap defaults 0 0
swapoff /newswap
rm /newswap
delete from /etc/fstab
Install Stratis
add 2 5G disks
create new stratis pool
Extend the pool
Use dnf instead of yum since it will eventually replace it
Create a file system for it
Mount your directory to a new directory called /bigdata
Create a snapshot of your file system
Make it mountable at boot
dnf installs stratis-cli stratisd -y
systemctl start stratisd
systemctl enable stratisd
add harddisks
lsblk (check to see if disks were added)
stratis pool create pool1 /dev/sdb
stratis pool list
stratis pool add-date pool1 /dev/sdc
stratis pool list
stratis filesystem create pool1 fs1
stratis filesystem list
mkdir /bigdata
mount /dev/startis/pool1/fs1 /bigdata (get the name from stratis filesystem list)
lsblk (check to see if it’s mounted)
df -h (this will show it has 1T, this isn’t accurate, it’s just a stratis code that’s funky, so ignore that)
stratis filesystem list (this will show you the actual size)
stratis filesystem snapshot pool1 fs1 fs1-snap
vim /etc/fstab
at end:
stratis filesystem list (to get uuid)
UUID=”asf-0887afgdja-“ /bigdata xfs defaults, x-systemd.requires=stratisd.service 0 0
That last bit means we won’t try and load this until the stratis service starts
Check if the ext4 file system on /dev/sdb1 is functional
fsck /dev/sdb1
DON’T FORGET TO UNMOUNT
Show file systems via df
df -T
Clean file system ext2-4
fix it with no questions
fsck -f (force check even if no errors)
fsck -y (if errors, answer yes to all questions)
Make a copy of everything on sda and put it on sdb
Make sure have same fs
mount sda
add contents
unmount
dd if=/dev/sda of=/dev/sdb
Create an NFS Server
firewall-cmd –permanent –add-service=nfs and rpcbind
yum install nfs-utils libnfsidmap (probably aleady installed)
systemctl enable rpcbind
systemctl enable nfs-server
systemctl start rpcbind, nfs-server, rpc-statd, nfs-idmapd ( do each on their own line
mkdir /mypretzels
chmod a+rwx /mypretzels
cp /etc/exports /etc/exports_orig
vim /etc/exports
/myprezels 192.168.12.7 (rw,sync,no_root_squash)
exportfs -rv
192.168.12.7 (client)
If you want to give it to everyone just put “*”
sync - write to disk immediately
- root onl client machine will have same level of access to files as root on server
-r republish everything in /etc/export
-v verbose
=======================================
Create an NFS client
Steps for NFS client configuration
yum install nfs-utils rpcbind
systemctl rpcbind start
firewall-cmd –permanent –add-port=111/tcp
firewall-cmd –permanent –add-port=rpc-bind
mkdir /mnt/app (just make a mount point)
mounnt 192.168.1.5:/mypretzels /mnt/app
Difference between Samba and NFS
Samba can share with other OS’ but NFS can’t
Configure Samba
yum install samba samba-client samba-common
firewall-cmd –permanent –zone=public –add-service=samba
mkdir -p /samba/moreprezels
(-p make parent directories as needed)
chmod a+rwx /samba
chown -R nobody:nobody /samba
chcon -t samba_share_t /samba
vim /etc/selinux/config
SELINUX=disabled
reboot
(from samba dir /etc/samba/) cp smb.conf smb.conf.orig
(delete everything below the comments copy contents from guide and paste.)
test par (test parametar)
(hit enter)
systemctl enable smb
systemctl start smb
systemctl enable nmb
systemctl start nmb
cd /samba/morepretzels
touch apples
=======================================
NOW LOOK AT THE SHARE VIA WINDOWS
\192.168.1.95 (whatever your ip is on linux)
Right click -> new -> text document -> save and call it yara to check if it pops up on linux
=======================================
NOW LOOK AT THE SHARE VIA ANOTHER LINUX
yum install cifs-utils samba-client
mkdir /mnt/sambashare (creating mnt point)
mount -t cifs //192.168.1.95/Anonymous /mnt/sambashare
(-t which file system)
==================================================
HINTS
Nobody is used for NFS - particularly when using root_squash which maps uid 0 (root) to nobody’s uid preventing the client from access the file as a super user. I think Nobody might actually be used since it is an account that anyone can use and it has limited rights.
Configure autofs
yum install autofs -y
systemctl start autofs
systemctl enable autofs
vim /etc/auto.master
add:
/nfs /etc/auto.nfs –timeout=60 –ghost
(ghost creates directories inside the nfs)
or instead of /nfs do /-
vim /etc/auto.nfs
nfs -fstype=nfs 192.168.1.114:/nfs
or if you used /-
/nfs -fstype-nfs 192.168.1.114:/nfs
Look up unit httpd in journalctl
Show incrementing logs from httpd
Show just errors
journalctl -u httpd
jounalctl -fu httpd
journalctl - p err -u httpd
-r reverse
-n 5 show last 5
Make the journalctl persistent
System logs are ephemeral, they go away on boot
vim /etc/systemd/journal
#Storage=persistent
if it’s
#Storage=auto
This means if /var/log/journal exists it will stay perminant, if not it will make an ephemeral log.
systemctl daemon-reexec
or
systemctl reload systemd-journald
mkdir -p /var/log/journal/
Automount all filesystems specified in fstab
mount -a
Find all directories named fart in my home directory
How would you search for a file with this name?
find /home/delsinm -iname “fart” -type d
-type f
What do you put at the end of a find command to perform another command
-exec rm {} \;
\; ends find command
or
+
{} <- remove whatever’s there
All files in the Pictures directory need the execute bit removed, how would you do this with the find command.
find Pictures/ -type f -exec chmod u-x {} +
option to use with find to find files owned by user
-user delsinm
Find only empty files in your directory
find /home/delsinm -type f -empty
find only file that have been modified within the week that contain the word “log”
then more than a month but also show the full permissions with the second one
find / -iname “log” -mtime -7
find / -iname “log” -mtime +30 -ls
Change the root password
Reboot press up and down to pause countdown
- select kernel you want to boot into in grub menu and press e
- at end of “linux line” type “rd.break” (ctrl + E here to jump to end of line)
- CTRL + x
- mount -o remount,rw /sysroot
- chroot /sysroot
- passwd
- touch /.autorelabel
- exit
- reboot
chroot /sysroot <- chroot sections this root directory off to where it won’t interfere with the system. Turns this process into root directory.
The mount command options there tell you that you’re changing sysroot to writable so you can change the password.
rd.break tells your computer to break the boot process and go into maintenance mode.
list all enabled repositories
List all available repos with yum
yum repolist
yum repolist all
List all available repositories and then enable one then disable it
subscription-manager repos –list
subscription-manager repos –enable repository
subscription-manager repos –disable repository
(repository here is a place holder for whatever you want to enable)
dnf config-manager –enable repository
dnf config-manager –disable repository
show info on repos you have currently with dnf
dnf repoinfo
Add a repo from a url via dnf
Disable then enable rhel8-test
dnf install createrepo dnf-utils
dnf config-manager –add-repo https://repo.test.com
restart dnf? maybe just restart?
dnf config-manager –disablerepo rhel8-test
dnf config-manager –enablerepo rhel8-test
https://www.youtube.com/watch?v=RXwjttIO_dI
Add up until /86_64
|||
Remember to update system
To open a repos server create your repo like normal, in that end it will need to go into /var/www/html
open the firewall to html
start httpd
baseurl=http://192.168.10.170/var/www/localrepo
Show current target
Show all available targets
Set a different boot target
systemctl get-default
systemctl list-units –type target
systemctl set-default multi-user.target