subscription-manager remove –all
subscription-manager unregister
subscription-manager clean
subscription-manager register --username youraccountlogin --password yourpassword
/etc/rhsm/rhsm.conf
hostname
to: subscription.rhn.redhat.com
prefix
to: /subscription
port
to: 443
baseurl
to: https://cdn.redhat.com
repo_ca_cert
to: %(ca_cert_dir)sredhat-uep.pem
full_refresh_on_yum
to: 0
subscription-manager list --available subscription-manager attach --pool=pool_id subscription-manager list --consumed subscription-manager repos --list subscription-manager repos --enable repository
yum update
pathmunge $HOME/bin
and pathmunge /usr/java/bin
to /etc/profile
yum install gcc make perl kernel-devel
mount -t vboxsf -o uid=1000,gid=1000 sharename /home/you/some/folder
Docker requires the container-selinux
package, not available in RHEL repos.
Get it from: CentOS 7 package mirror
Then, install Docker with:
yum remove docker docker-common docker-selinux docker-engine yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo yum install docker-ce
… alternately …
yum check-update curl -fsSL https://get.docker.com/ | sh systemctl start docker systemctl status docker systemctl enable docker
See official documentation for further details
yum install kernel-devel
gpg –quiet –with-fingerprint /etc/pki/rpm-gpg/RPM-GPG-KEY-zfsonlinux
/etc/yum.repos.d/zfs.repo
, change:enabled=1
to enabled=0
in the [zfs]
sectionenabled=0
to enabled=1
in the [zfs-kmod]
sectionyum install zfs
systemctl preset zfs-import-cache zfs-import-scan zfs-import.target zfs-mount zfs-share zfs-zed zfs.target
modprobe zfs
yum install debootstrap perl libvirt
yum install lxc lxc-templates
systemctl status lxc.service
systemctl start lxc.service
systemctl status lxc.service
systemctl start libvirtd
systemctl status lxc.service
lxc-checkconfig
See also: CentOS/RHEL Specifics for LXC
grep -E '(vmx|svm)' /proc/cpuinfo
systemctl enable libvirtd
yum –disablerepo=“*” –enablerepo=“epel” update
… to be added …
List active zone(s): | firewall-cmd –get-active-zones |
Add port (note zone): | firewall-cmd –zone=public –add-port=3000/tcp –permanent |
Refresh: | firewall-cmd –reload |
hostnamectl set-hostname Your-New-Host-Name-Here hostnamectl set-hostname "Your New Host Name Here" --pretty hostnamectl set-hostname Your-New-Host-Name-Here --static hostnamectl set-hostname Your-New-Host-Name-Here --transient
In /etc/security/limits.conf
, create a file like 20-nofile.conf
:
* hard nofile 4096 * soft nofile 1024 @users soft nofile 2048 rk4n3 hard nofile 81920 rk4n3 soft nofile 8192
chcon --reference=oldfileordir newfileordir
yum --disablerepo=“*” --enablerepo=“my-repo” update
/etc/rsyslog.d/yourapp.conf
# Separate yourapp logging into its own file if $programname == 'yourapp' then /var/log/yourapp.log & stop
/etc/logrotate.d/yourapp
:/var/log/yourapp.log { missingok weekly size 2G copytruncate rotate 12 notifempty }
/opt/wildfly
, so create a symbolic link at that location to the actual installation directorymkdir /var/log/wildfly chown wildfly:wildfly /var/log/wildfly chmod 755 /var/log/wildfly
mkdir /var/run/wildfly chown wildfly:wildfly /var/run/wildfly chmod 755 /var/run/wildfly
/etc/default/wildfly.conf
to the standalone.conf
file in the wildfly instance/etc/default/wildfly.conf
:JAVA_HOME
is set to the directory that the java you want to use lives atJBOSS_HOME
is set to /opt/wildfly
JBOSS_USER
, and ensure its set to the user that you want wildfly to run as/opt/wildfly/docs/contrib/scripts/init.d/wildfly-init-redhat.sh
to /etc/init.d/wildfly
/opt/wildfly/standalone/configuration/standalone.xml
:127.0.0.1
to actual IP addresscd /opt/wildfly/bin ; ./add-user.sh
chkconfig --add wildfly chkconfig wildfly on''
service wildfly start
, and stop with service wildfly stop
http://hostipaddress:9990/console
http://hostipaddress:8080
by default (unless changed in config file)See CentOS/RHEL section in Jenkins devops page
See CentOS/RHEL section in Gatling devops page
/usr/bin/ping
): setcap cap_net_raw+p /path/to/command
journalctl -m –vacuum-time=1s
CentOS will typically require accepting license agreement (again) after a significant upgrade.
This can mean that the system will not complete booting until license agreement acceptance is
completed on a console.
Example:
firewall-cmd --permanent --zone=public --add-port=80/tcp firewall-cmd --reload
/etc/group
)gpasswd -a ldaplogin localgroup
drwx——
permissions, which denies other uses visibility under then entire tree.ls -lZd directorypath
… or
ls -lZ filepath
chcon -t root_t / chcon -t home_root_t /home chcon -t home_root_t /home/you chcon -t ssh_home_t /home/you/.ssh chcon -t ssh_home_t /home/you/.ssh/*
ls -Z /some/dir
chcon -R -t httpd_log_t /some/log/dir
chcon -R -t httpd_sys_content_t /some/www/docroot/dir
setsebool -P httpd_can_network_connect=1
/etc/fstab
:systemctl daemon-reload
This problem seems to be related to IPv6, so disabling IPv6 helps. Perform installation and first boot-up using the native Qemu GUI console, then disable IPv6 in the guest:
sysctl -a | grep ipv6 | grep disable | sed 's/= 0/= 1/g' > /etc/sysctl.d/ipv6.conf; sysctl -p /etc/sysctl.d/ipv6.conf
… then, the VM can be restarted in headless/VNC mode.
Links: Linux Info … Tech Info