Thursday, March 22, 2012

Quick Configurations Make For Trouble

I'm a few days behind in my studies for the RHCSA. I've scheduled the exam which has the added effect of pressure to be done within a certain time frame even though, I can of course, reschedule. Who wants to do that though!

For labbing I enabled X11 over SSH and am running GUI tools like virt-manager and system-config-firewall (iptables shell commands changed with RHEL 6 and I'm working on gotten it all sorted out) while not at home. Even at home though, I connect via VNC from my Mac Pro to the VM server.

The VM server built with Scientific Linux 6 and Tigervnc (quasi Xvnc)  is their default VNC server from their SL repo. So, it is what I went with to get things up quickly.

[root@shuttlehosti ~]# yum search vnc server
tigervnc-server.x86_64 : A TigerVNC server
[root@shuttlehosti ~]# yum install tigervnc-server.x86_64

Ok, I installed, configured it under my user account, according to this post from Then checked to see if it was persistent through reboots and it wasn't. That's fine. I only wanted my user account to be able to have access, I wrote a super simple bash script and dropped it in my .bashrc file.

[root@shuttlehosti ~]# less /home/kim/


vncserver :1 -geometry 1280x1024 -depth 24
/home/kim/ (END)

[root@shuttlehosti ~]# less /home/kim/.bashrc

# .bashrc

# Source global definitions
if [ -f /etc/bashrc ]; then
        . /etc/bashrc

# User specific aliases and functions
/home/kim/.bashrc (END)

Each time I log in to the machine it launches the vnc service for display :1 and fails out if display :1 is already open. Great until I have more time to focus on shell scripting. 

Yesterday, I started having issues with the VNC server and my connection attempts were getting refused. I would log out or reboot and try the connection and get be refused. Ok, disable IPtables, SELinux and try it again. Still nothing. Even running "vncserver -kill :1" didn't stop the process or allow me to log in.

So, whats the vnc process up to?  I do a

[root@shuttlehosti ~]#ps -efH | grep vnc
qemu      7458     1  0 Mar08 ?        00:01:28   /usr/libexec/qemu-kvm ...

 There are three processes just like that. Hmm 3 VMs up and running. Which means each VM  takes up a single vnc display when up and running. Curious. I checked out the VNC command options and came up with:

[kim@shuttlehosti ~]$ vncserver -list

TigerVNC server sessions:

:2              5931
:1              4007
:3              4206
[kim@shuttlehosti ~]$

The processes correspond to the VM processes noted in the ps command. Jeez. Ok, I shutdown the VMs, kill off the vnc process if any are left, relaunch the vnc process under my user account, and it works like a charm.

The moral of the story? Don't rush through Linux technologies when you need to " to get things up quickly."

So, RHCSA studies can resume. After the exam I would like to figure out how to write a shell script to check for the next available vnc display and to open a IPtables port to allow for connection.

Friday, March 16, 2012

Primer on reading Michael Jang's Red Hat Linux Certification Study Guide

I started reading Michael Jang's RHCSA/RHCE Red Hat Linux Certification Study Guide about 2 weeks  ago, then took a brief detour (3 days) to get my VM server up and running (see post - RHCSA Labs and Shuttle trouble - Just Getting Started). I'm working my way through the book and although it gets great reviews and is it's a great reference, I can't help but feel it's a tad all over the place.

For instance, The first couple of chapters have labs working through the chapter that are referenced at later points in the book (with things like "if you followed the previous lab, you should be here..."). However, it's never really clear if you're supposed to work those labs or only the ones at the end of the chapter, which seem a bit more official. I've been working both. On one hand the repetitive action is great, on the other it's starting to get a bit confusing.

Then there's the references to random sections in regards to previous and more advanced topics, which can drive one mad if you let it. Take SELinux for instance. When you are initially focusing on setting up VMs and deploying via kickstart, why not just set SELinux to permissive to allow a more clear focus on Kickstart? Instead there are random commands with no explanation other than referring to Chapter 4 and 11. Granted I know not all can be be explained at once, so why not circumvent the more advanced technology for the time being and address it with more a in depth explanation later in the book?

Well, enough ranting and besides, I really do like the book so far, sans the lab murkiness. Where this leads me is to a desire to list coherent directions on how to approach Jang's book. So, I'm going to layout how I am doing the initial 2 chapters and hope that will help keep me straight on what's going on.

Also, take note, some of the same tasks need to be done multiple times.

Chapter 1 Tasks:
  1. Read through chapter 1 without attempting exercises or labs
  2. Note drive partition suggestions (somewhat important for VM labs).
  3. Note basic installation steps
  4. Download demo of RHEL, download Scientific Linux 6 / CentOS 6 
    1. I grabbed a 30 day evaluation of RHEL (requires registration) and the flavors
  5.  Do Exercise 1.1 - Partitioning during install of RHEL (or flavor) on VM server
    1. if you setup the VM host as part of exercise 1, ignore the partitions he noted as you will need more space for VMs
    2. I'm working remotely, so setup VNC for host machine. Here's good instructions
  6. Follow along with noted basic installation steps
  7. If using a server to host VMs, ensure it is KVM capable Intel vmx or AMD svm
    1. #egrep "vmx|svm" /proc/cpuinfo | less
      1. in less type "/vmx" to search for vmx in the results
  8. Setup and configure default file sharing services (http & ftp) on VM host
  9.  Do Exercise 1.2 - configure Apache and vsFTP  on VM host
  10. Do Lab 1 
  11. Do Lab 2 - copy install media contents to the share directory on VM host
  12. Do Lab 3

Chapter 2 Tasks:
  1.  Ensure KVM is installed (pdf p.4-6)
  2. Ensure the KVM modules are installed correctly
    1. #lsmod | grep kvm
  3. run "virt-manager" with root privileges from a shell within the GUI
    1. The hypervisor (virt-manager) is supposed to prompt for the root password if run from a normal user, but I was unable to run it at all that way. Thus, VMM was not an option from the user's desktop menu
  4. Do Exercise 2-1 within the hypervisor
  5. Configure and create a VM (pdf p.15-19)
  6. Do Exercise 2-2 with the VM you just created (why wasn't that an exercise?)
  7. Note the VM deletion method on p.24
  8. Configure VM server to be a kickstart server (pdf p.29-31)
  9. Do Exercise 2-3
  10. Install kickstart configurator and create kickstart file with it.
    1. *Name it something different than the ks config from Exercise 2-3
  11. Configure X over SSH on VM server or one of the VMs
  12. Work through the 8 Labs. 

 The rest of the chapters are a bit more straight forward and so I won't do a layout for them.

 As another side note, Chapter 4's primer on SELinux can be well supplemented by the following:

Red Hat Enterprise Linux 6 Security-Enhanced Linux - User Guide

Linux Journal's Paranoid Penguin - Introduction to SELinux
Linux Journal's Paranoid Penguin - Introduction to SELinux, Part II

Tuesday, March 6, 2012

RHCSA Labs and Shuttle trouble - Just Getting Started.

I began studies on the RHCSA last week. If you look at my last post, I have my usual month of study plan laid out with labs, reading, CBTs, etc. Although this time I'm a bit behind.

My home VM server is a Shuttle SH67H3 with an Intel Core i7 2600 (non K version as it doesn't support vt-d), 16Gb RAM, and a couple of corsair SSDs. I was running VMware ESXi 5 on it and it was stable with a few Linux VMs. However it did not support the on board RAID as it was seen as a software or fake raid.

With the RHCSA studies, I need to lab, a lot.  Although I do a lot of the work daily in my current position, we use Xen while RHEL 6 uses KVM as default. This means the RHCSA is based on KVM, not Xen. Thus I had to reformat the Shuttle. Now, the fun part.

For install media, I usually go for a USB stick first, then if thta doesn't work, I'll  attach a SATA blu-ray burner (I don't keep a CD attached to the server). Initially, I tried the USB drives and loaded Scientific Linux 6 on the drive using dd on my Mac Pro (here's some instruction, although block size should be 256k for a quicker copy "bs=256k"). It was a no-go. Then I tried burning an ISO. Still a no-go. I removed all devices sans the DVD-Rom, tried both media again, no-go. Ok, whats happening here?

 I did some googling and found a  few notes about issues coming up with Intel's UEFI (new kind of bios). The UEFI is supposed to bring all sorts of magic, but I didn't see any in the SH67H3's BIOS. It seems UEFI can grab a list of boot devices and store it in NVRAM of which it somehow cannot be recovered with out a bios flash (don't quote me on this). Great. I'm 2 days behind in studies now and still no booting from media, old HDDs, yes. Odd.

The next few steps are the same as usual, reset the bios, switch USB ports, verify USB media on other computers, Verify DVD media, switch SATA ports, switch SATA mode, etc. By luck and good troubleshooting I ended up with the DVD drive on one of the Intel RAID SATA ports and the BIOS SATA setting set to "IDE." Bam! It worked. Ok, put everything back, SSDs on the Intel RAID, host drive on the other SATA ports, and try it again. It's a no-go! Turns out the only way to boot from the DVD was to have the drive on the Intel RAID ports. So, I got Scientific Linux 6 installed on the host drive and went to work doing the basic configs, finally.

Now to play catch-up.