Friday, 6 December 2019

PXE Boot Server on CentOS-7-1810

Prepare PXE Boot Environment for Linux (CentOS-7-1810)


Hello Friends ,

This is Manish Dixit , having12 yrs of  experience in IT sector with different-2 technologies like Security, Network, Server - Data-Center & Cloud .Today we will learn how to create PXE boot environment for Linux OS. We will take CentOS 7-1810 version for this.
Below are details of my Setup :
  • Server IP = 192.168.1.1
  • Host name =auto.example.com
  • OS = CentOS 7-1810
  • SELinux =disabled
  • Firewall =disabled   
 
  •  Set Hostname of your Linux PXE Server as per below command:-
# hostnamectl set-hostname auto.example.com
  • Assign IP Address using below command:-
#nmtui
  • Install required packages for PXE Setup using "yum"-
#yum install dhcp tftp tftp-server syslinux vsftpd xinetd
  •  Configure DHCP Server for PXE, Copy the following lines into the file ‘/etc/dhcp/dhcpd.conf’, replace the IP subnet and other details as per your environment.
#vi /etc/dhcp/dhcpd.conf

# DHCP Server Configuration file.

ddns-update-style interim;
ignore client-updates;
authoritative;
allow booting;
allow bootp;
allow unknown-clients;

# internal subnet for my DHCP Server
subnet 192.168.1.1 netmask 255.255.255.0 {
range 192.168.1.1 192.168.1.50;
option domain-name-servers 192.168.1.1;
option domain-name "auto.example.com";
option routers 192.168.1.1;
option broadcast-address 192.168.1.255;
default-lease-time 600;
max-lease-time 7200;

# IP of PXE Server
next-server 192.168.1.1;
filename "pxelinux.0";
}
  • Edit and Config tftp server -- /etc/xinetd.d/tftp
#vi /etc/xinetd.d/tftp
service tftp
{
 socket_type = dgram
 protocol    = udp
 wait        = yes
 user        = root
 server      = /usr/sbin/in.tftpd
 server_args = -s /var/lib/tftpboot
 disable     = no
 per_source  = 11
 cps         = 100 2
 flags       = IPv4
}
  • Run the below commands to copy required network boot files in ‘/var/lib/tftpboot/’
# cp -v /usr/share/syslinux/pxelinux.0 /var/lib/tftpboot
# cp -v /usr/share/syslinux/menu.c32 /var/lib/tftpboot
# cp -v /usr/share/syslinux/memdisk /var/lib/tftpboot
# cp -v /usr/share/syslinux/mboot.c32 /var/lib/tftpboot
# cp -v /usr/share/syslinux/chain.c32 /var/lib/tftpboot
# mkdir /var/lib/tftpboot/pxelinux.cfg
# mkdir /var/lib/tftpboot/networkboot
  •  Mount CentOS 7-1810 ISO file and copy its contents to local ftp server
#mount /dev/cdrom/ /mnt/
  •  Copy Kernel file (vmlimz) and initrd file from mounted iso file to ‘/var/lib/tftpboot/networkboot/’
#cp /mnt/images/pxeboot/vmlinuz /var/lib/tftpboot/networkboot/
#cp /mnt/images/pxeboot/initrd.img /var/lib/tftpboot/networkboot/ 
#umount /mnt/
  • Create kickStart & PXE menu file.
#openssl passwd -1 pxe@123
$1$w9lGTM1l$45PV9nT27DEU9sVf2ucAz1
  •  Copy the following content into the new kickstart file. Please modify the kickstart file as per your needs.
#vi /var/ftp/pub/centos7.cfg

#platform=x86, AMD64, or Intel EM64T
#version=DEVEL
# Firewall configuration
firewall --disabled
# Install OS instead of upgrade
install
# Use FTP installation media
url --url="ftp://192.168.1.1/pub/"
# Root password
rootpw --iscrypted $1$w9lGTM1l$45PV9nT27DEU9sVf2ucAz1
# System authorization information
auth useshadow passalgo=sha512
# Use graphical install
graphical
firstboot disable
# System keyboard
keyboard us
# System language
lang en_US
# SELinux configuration
selinux disabled
# Installation logging level
logging level=info
# System timezone
timezone Europe/Amsterdam
# System bootloader configuration
bootloader location=mbr
clearpart --all --initlabel
part swap --asprimary --fstype="swap" --size=1024
part /boot --fstype xfs --size=300
part pv.01 --size=1 --grow
volgroup root_vg01 pv.01
logvol / --fstype xfs --name=lv_01 --vgname=root_vg01 --size=1 --grow
%packages
@^minimal
@core
%end
%addon com_redhat_kdump --disable --reserve-mb='auto'
%end 
  • Create a PXE menu file (/var/lib/tftpboot/pxelinux.cfg/default), copy the following contents into the pxe menu file.
#vi /var/lib/tftpboot/pxelinux.cfg/default

default menu.c32
prompt 0
timeout 30
MENU TITLE DIXIT PXE MENU
LABEL centos7-1810
MENU LABEL CentOS 7_X64
KERNEL /networkboot/vmlinuz
APPEND initrd=/networkboot/initrd.img inst.repo=ftp://192.168.1.1/pub ks=ftp://192.168.1.1/pub/centos7.cfg 
  • Start and enable xinetd, dhcp and vsftpd service.
# systemctl start xinetd
# systemctl enable xinetd
# systemctl start dhcpd.service
# systemctl enable dhcpd.service
Created symlink from /etc/systemd/system/multi-user.target.wants/dhcpd.service to /usr/lib/systemd/system/dhcpd.service.
# systemctl start vsftpd
# systemctl enable vsftpd
Created symlink from /etc/systemd/system/multi-user.target.wants/vsftpd.service to /usr/lib/systemd/system/vsftpd.service.
  • Give permission to centos7.cfg
#chmod 755 /var/ftp/pub/centos7.cfg
  • Boot the clients with pxe boot option.
Posted by at No comments:

Sunday, 4 August 2019

ITSM software tool - GLPI Installation on CentOS 7- 1810 Version

GLPI Installation


Hello Friends ,

I am Manish Dixit , I have 12 yrs of  experience in IT sector with different-2 technologies which comes under Security, Network, Server - Data-Center & Cloud . In this Post, you will learn how to install GLPI 9.4.3 on CentOS 7- 1810 version.
  • Install CentOS 7-1810 version (I hope you know how to install CentOS, If you dont know then you can follow my page How To Install Cent-OS 7) , Login using root credential.

  • Disable SELinux by using "/etc/selinux/config" file.
     

  • Install httpd, php using yum

  • Edit /etc/php.ini using below snapshot

  • Install mysql using yum command

  • Download GLPI and unzip using "tar" command


  • Copy this "glpi" folder to web directory , change ownership to "Apache" user and configure "/etc/httpd/conf/httpd.conf" as per below snapshot.



  • Start httpd service and make on for startup.

  • Upgrade php 5.3 to php 7.0 using below wget command and upgrade it .



  • Login using weburl for installation of GLPI.


  • Install dependent package for GLPI as per below snapshot.



  • Click on "Continue", you can ignore other warnings

  • Create Repo for Maria DB and add content for Download "MariaDB".


  • Install "MariaDB" and start the service


  • Enable mysql user as per below:



  • Now go ahead with the installation.






  • Here is the console!!!


















Posted by at No comments:

Friday, 17 May 2019

CLOUD COMPUTING WITH AWS

CLOUD COMPUTING WITH AWS

Hello Friends ,

I am Manish Dixit , I have 12 yrs of  experience in IT sector with different-2 technologies which comes under Security, Network, Server - Data-Center & Cloud . In this Post you will learn about Cloud Computing and how AWS provide us benefit for Cloud Computing.

 CLOUD COMPUTING :- It is the on-demand delivery of IT resources and applications via the internet with pay-as-you-go pricing. Many Organization provides this service but below few are popular in industries.

  • AWS (Amazon Web Services)
  • Microsoft Azure
  • GCP (Google Cloud Platform)
Why do we need cloud computing?



 Advantages:-
  • Global in Minutes
  • Variable V$ Capital Expenses
  • Economies of Scale
  • Increase Speed and Agility
  • Focus on business differentiator
  • Stop guessing Capacity
What are the CLOUD Computing Deployment Models:- 
  • Private Cloud:-  It is Cloud base service models (IaaS, PaaS, SaaS) for Infrastructure used by Stand alone Organization

  • Public Cloud:- It is based on shared cost model for all users or in the form of licensing for user base. Customer has no control over the location.

  • Community Cloud:- It is like mutual shared model with communities , It can be hosted by manually or third party side.

  • Hybrid Cloud:- Both Private and Public Cloud comes in it but separately .

AWS Fundamentals

 AWS provides on-demand delivery of IT resources via the internet on a secure cloud services platform, offering compute power, storage, databases, content delivery and other functionality to help businesses scale and grow

AWS provides a highly available technology infrastructure platform with multiple locations worldwide. These Location are composed of region and availability zones.

  • Region:-  It is a Separate Geographic Area
  • Availability zone:-  It is Isolated locations in a Region
Points to Remember:-
  1. Resources aren’t replicated across regions unless organizations choose to do so.
  2. Each Region is completely independent and is designed to completely isolated from the other Regions.
  3. Each Availability zones are also isolated, but the availability zones in a region are connected to low-latency links.

How to Access AWS Cloud Services

  • AWS Management Console
  • AWS CLI
  • AWS Software Development Kits (SDK)
In NEXT POST , We will learn how to create account on AWS and Some important Services on AWS.



Posted by at No comments:

Saturday, 11 May 2019

Installation of CentOS-7-1810 Step by Step with Basic Knowledge of Linux-Part1

Linux Basics With CentOS-7 Installation


Hello Friends ,

I am Manish Dixit , I have 12 yrs of  experience in IT sector with different-2 technologies which comes under Security, Network, Server - Data-Center & Cloud . Here in this post you will learn Linux basics with CentOS 7-1810 installation.

 Basically Linux is a family of open Source Operation System (Base is like Unix) and it is based on linux kernal , invented by Linus Trovald.

 When you install Linux, it allows variety of  File System supported. Some of file system are as below for Linux operating System..

 Ext, Ext2, Ext3, Ext4, JFS, XFS and SWAP 

 When you install Linux operating system , a default user (called "root") created during installation . This user is like Administrator in Windows, it has all privilege. One default directory created (called /  --- this is called root directory) , all directory which we create manually or other system directories comes under it.
**It means if we want to go in etc directory the we have to use /etc not etc only**
Every directory will come under / directory (root directory)


  • Once downloaded, boot the system using the CentOS image (Here i am taking CentOS-7 1810), you will get below image to install CentOS. Just go to "Install CentOS 7"

  • Press "Enter" to begin Installation.

  • For Language - Choose language according to you. Click on Continue

  • As per this Lab , i am taking Installation Summary as per below (DATE & TIME:- Asia/Kolkata timezone !! SOFTWARE SELECTION:- Minimal Install !! INSTALLATION DESTINATION:- Automatic Partitioning selected !!)

  • After these setting, click on "Begin Installation". Set Root Password by click on it.

  • It will take few minutes to install Cent OS (minimal Installation).Once it is done, it will ask to reboot your system. Just reboot it

  • After restart, it will give yo login screen on CLI (Command Line Interface). root is the default user and enter the password which you set during installation.

  • As shown in pic, CentOS Linux 7 is the Operating system , Kernel version is 3.10.0-957.el7.x86_64 (3 is the Major Release and this is applicable for x86 and 64 bit Operating System)
  • [root@localhost ~]#  In this case root indicate that "root" user is logged in now.... localhost indicate the System Hostname..... ~ indicate the Present Working Directory.... and # symbol means that this user has root privilege  
In my NEXT POST you will learn basic commands of Linux Operating System.
Posted by at No comments:

Symantec Endpoint Protection 14.2 RU1 With Server 2016 Std Edition-Part3

SEPM 14.2 RU1 with Windows Server 2016


Hello Friends ,

I am Manish Dixit , I have 12 yrs of  experience in IT sector with different-2 technologies which comes under Security, Network, Server - Data-Center & Cloud . In this post you will learn , how to create policies and integrate SEPM with Active Directory.

  • To Create Policies go to Policies Section -- Click on "Virus and Spyware Protection" and Add a new policy by clicking Right click.

  • Give Policy Name whatever you want to give. Go in "Administrator-Defined Scans" ,delete existing one and create a new schedule scan one by clicking on Add button.

  • In Scan Type Section , i am using Full Scan (Time :- Weekly - Wednesday at 00.30 AM !! Scan Duration:- Scan until finished !! Retry the scan within:- 3 days). You can set these settings as per your need.

  • In Advance Scanning options , i am using Compressed Files:- Number of levels--5 !! Tuning:- Best Application Performance. Go to Action tab and choose the setting which you want to apply for your endpoints (this will applicable when any type of security risk//malware/virus etc arrive and your AV will take action against those threats). You can set Notifications also by going Notification tab. After these settings click on OK

  • Now go in Advance tab. For my Scenario i choose "Do not show scan progress

  • Now we will configure Auto protect Settings.  File System Auto-Protect is a type of ongoing or background scan that provides real-time protection for files on your computer. Whenever you access, copy, save, move, open, or close a file,Auto-Protect scans it to ensure that a threat or security risk is not present.


  • You can lock these setting (If you don't want that user should not modify setting by opening client interface, then you can click on the lock button and it will lock). You can also define Action as per your scenario. There is Advanced tab in which you can define Startup and shutdown options of SEP agent.

  • Now go to Download Protection tab. Download Insight detects potential risk in a file using file reputation. Here you can set sensitivity against files.You can also set Action against Download Protection by going in Actions tab.

  • Now we have to configure SONAR properties. SONAR is the abbreviation for Symantec Online Network for Advanced Response. Unlike virus signatures, SONAR examines the behavior of applications to decide whether they are malicious.

  • Now we will set Email Scan settings. Go in Microsoft Outlook Auto Protect and click Enable to Apply.

  • Once You done with these setting, Click on OK and then you can see your custom Virus and Spyware Protection Policy.

In my NEXT POST we will learn about other Policies such as Live Update , Application and Device Control Policy.





Posted by at No comments:
Subscribe to: Comments (Atom)