Allow rrdcached, memcache, and MariaDB/MySQL through the firewall in CentOS 8

Open ports 42217 (rrdcached) and 11211 (memcached) in the firewall and reload the firewall.

firewall-cmd --zone=public --permanent --add-port 42217/tcp
firewall-cmd --zone=public --permanent --add-port 11211/tcp
firewall-cmd --zone=public --permanent --add-port 3306/tcp
firewall-cmd --reload

Verify that the ports are open using firewall-cmd –-list-all.

[root@nms nms]# firewall-cmd –list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: ens32
sources:
services: cockpit dhcpv6-client http https ssh
ports: 42217/tcp 11211/tcp 3306/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:

PXE Config examples

I've set up a local http web server. You can use another web server mirror if you want.

default
DEFAULT      vesamenu.c32
PROMPT       0
 
MENU TITLE PXE Boot Menu
MENU INCLUDE pxelinux.cfg/graphics.conf
MENU AUTOBOOT Starting Local System in 8 seconds
 
# Option 1 - Exit PXE Linux & boot normally
LABEL bootlocal
	menu label ^Boot Normally
	menu default
	localboot 0
# Option 2 - Run WDS
LABEL wds
	MENU LABEL ^Windows Deployment Services
	KERNEL pxeboot.0
# Option 3 - Go to Linux menu
LABEL linux
	MENU LABEL Linux
	KERNEL vesamenu.c32
	APPEND pxelinux.cfg/linux
# Option 4 - Go to tools
LABEL tools
	MENU LABEL Tools
	KERNEL vesamenu.c32
	APPEND pxelinux.cfg/tools
 
# Option 3 - Exit PXE Linux
LABEL Abort
	MENU LABEL ^Exit
	KERNEL abortpxe.0
linux
MENU TITLE Linux Operating Systems
 
MENU INCLUDE pxelinux.cfg/graphics.conf
 
LABEL debian-1004
	MENU LABEL ^Debian 10.04 Netinstall
	KERNEL iso/debian-10.04-netboot/debian-installer/amd64/linux
	APPEND vga=788 initrd=iso/debian-10.04-netboot/debian-installer/amd64/initrd.gz
LABEL fedora-server-32
	MENU LABEL ^Fedora Server 32
        KERNEL iso/fedora-32-server-netboot/images/pxeboot/vmlinuz
	APPEND initrd=iso/fedora-32-server-netboot/images/pxeboot/initrd.img noapic inst.stage2=http://repo.local.ribbed.us/fedora-server-32/ ip=dhcp
LABEL centos-8-2-2004
	MENU LABEL ^CentOS 8.2.2004
        KERNEL iso/centos-8-2-2004/vmlinuz
	APPEND initrd=iso/centos-8-2-2004/initrd.img noapic inst.stage2=http://repo.local.ribbed.us/centos-8-2-2004/ ip=dhcp
LABEL ubuntu-server-2004
	MENU LABEL ^Ubuntu Server 20.04
        KERNEL iso/ubuntu-server-20-04/vmlinuz
	INITRD iso/ubuntu-server-20-04/initrd
	APPEND root=/dev/ram0 ramdisk_size=1500000 ip=dhcp url=http://repo.local.ribbed.us/ubuntu-20.04-live-server-amd64.iso
LABEL mainmenu
	MENU LABEL ^Go back to Main Menu
	KERNEL vesamenu.c32
	APPEND pxelinux.cfg/default
tools
MENU TITLE Tools
MENU INCLUDE pxelinux.cfg/graphics.conf
 
LABEL memtest86
	 MENU LABEL ^memtest86
	 KERNEL iso/memtest86/ISOLINUX/MEMTEST
· 2020/07/14 06:37 · 2020/07/14 06:40

Useful wget examples

wget --recursive --no-clobber --no-parent --domains mirror.atl.genesisadaptive.com -R "index.html" http://mirror.atl.genesisadaptive.com/fedora/linux/releases/32/Server/x86_64/os/

This is useful for mirroring directories such as Linux download directories.

--recursive - downloads every directory
--no-clobber - do not replace files
--domains - limit download to a certain domain or sub-domain
--R "index.html" - don't save index.html files

· 2020/07/14 06:11 · 2020/07/14 06:13

Install syslinux on Windows Server 2019 WDS

Once Windows Deployment Services is installed and running, locate the folder where WDS is installed. My install is in D:\RemoteInstall.

  1. Rename pxeboot.n12 in D:\RemoteInstall\Boot\x64 to pxeboot.0.
  2. Rename abortpxe.com in D:\RemoteInstall\Boot\x86 to abortpxe.0.
  3. Download syslinux. I used version 5.04. Your mileage may vary with other versions.
  4. From the syslinux archive, extract core\pxelinux.0, com32\menu\vesamenu.c32, com32\modules\chain.c32, memdisk\memdisk to D:\RemoteInstall\Boot\x86 and D:\RemoteInstall\Boot\x64.
  5. Rename pxelinux.0 to pxelinux.com in both directories.
  6. Create the following directories:
    • D:\RemoteInstall\Boot\x64\Linux
    • D:\RemoteInstall\Boot\x64\pxelinux.cfg (this is a directory, not a file)
    • D:\RemoteInstall\Boot\x64\Linux
    • D:\RemoteInstall\Boot\x64\pxelinux.cfg (this is a directory as well)
  7. Open a command prompt with Administrator permissions and issue the following commands:
    wdsutil /set-server /bootprogram:boot\x86\pxelinux.com /architecture:x86
    wdsutil /set-server /bootprogram:boot\x64\pxelinux.com /architecture:x64
    wdsutil /set-server /N12bootprogram:boot\x86\pxelinux.com /architecture:x86
    wdsutil /set-server /N12bootprogram:boot\x64\pxelinux.com /architecture:x64
    


  8. Create a two files called default and graphics.conf in D:\RemoteInstall\Boot\x64\pxelinux.cfg and D:\RemoteInstall\Boot\x86\pxelinux.cfg
  9. Edit default and add the following text for the default menus:
    DEFAULT      vesamenu.c32
    PROMPT       0
    
    MENU TITLE PXE Boot Menu
    MENU INCLUDE pxelinux.cfg/graphics.conf
    MENU AUTOBOOT Starting Local System in 8 seconds
    
    # Option 1 - Exit PXE Linux & boot normally
    LABEL bootlocal
          menu label ^Boot Normally
          menu default
          localboot 0
          timeout 80
          TOTALTIMEOUT 9000
    # Option 2 - Run WDS
    LABEL wds
    	 MENU LABEL ^Windows Deployment Services
    	 KERNEL pxeboot.0
    # Option 3 - Exit PXE Linux
    LABEL Abort
    	MENU LABEL E^xit
    	KERNEL abortpxe.0
    
  10. Edit graphics.conf and add the following text for the default menus:
    MENU MARGIN 10
    MENU ROWS 16
    MENU TABMSGROW 21
    MENU TIMEOUTROW 26
    MENU COLOR BORDER 30;44		#00000000 #00000000 none
    MENU COLOR SCROLLBAR 30;44		#00000000 #00000000 none
    MENU COLOR TITLE 0 		#00269B #00000000 none
    MENU COLOR SEL   30;47		#40000000 #20ffffff
    MENU BACKGROUND background.jpg
    NOESCAPE 0
    ALLOWOPTIONS 0
    
  11. Place your ISOs or image files in D:\RemoteInstall\Boot\x64 or D:\RemoteInstall\Boot\x86.
  12. Edit D:\RemoteInstall\Boot\x64\default or D:\RemoteInstall\Boot\x86 (depending on the architecture of your OS install) and add the following example text:
    LABEL LABELNAME
    MENU LABEL LABELNAME
    Kernel memdisk
    append iso raw initrd=FILENAME.iso
    

    Your filename is the name of your ISO file.

Many distros will have their own way of getting this to boot correctly. For example, while Debian provides a relatively easy path to add a network install, with Ubuntu 20.04, Canonical has taken steps to push people to alternative ways to easily do a traditional network install. Much Googling is to be had. See PXE config examples.

· 2020/07/11 02:17 · 2020/07/11 06:33

Enable older SSH key exchange methods

When connecting via SSH to older systems who do not support newer ciphers, you will sometimes get the following error:

Unable to negotiate with 10.192.0.47 port 22: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1

To permanently enable support for this cipher, you need to add the following line to either /etc/ssh/ssh_config to enable it for all accounts or ~/.ssh/config for just your account.

Host * 
   KexAlgorithms +diffie-hellman-group14-sha1

You can change Host * to specify a specific IP. Ex: Host 111.111.111.111.

More docs from OpenSSH Legacy Options.

· 2020/07/01 09:17 · 2020/07/01 20:43

<< Newer entries | Older entries >>