Allow rrdcached, memcache, and MariaDB/MySQL through the firewall in CentOS 8
Open ports 42217 (rrdcached), 11211 (memcached), and 3306 (MariaDB/MySQL) in the firewall, then reload the firewall.
    firewall-cmd --zone=public --permanent --add-port 42217/tcp
    firewall-cmd --zone=public --permanent --add-port 11211/tcp
    firewall-cmd --zone=public --permanent --add-port 3306/tcp
    firewall-cmd --reload
Verify that the ports are open using firewall-cmd --list-all.

    [root@nms nms]# firewall-cmd --list-all
    public (active)
      target: default
      icmp-block-inversion: no
      interfaces: ens32
      sources:
      services: cockpit dhcpv6-client http https ssh
      ports: 42217/tcp 11211/tcp 3306/tcp
      protocols:
      masquerade: no
      forward-ports:
      source-ports:
      icmp-blocks:
      rich rules:
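Opening these ports zone-wide lets any host that can reach the public zone connect to rrdcached, memcached and MariaDB. The following is an added example, not part of the original page: it reads `firewall-cmd --list-all` output, flags those three ports, and prints the commands that swap each one for a source-restricted rich rule. The subnet 192.0.2.0/24 and the function names are assumptions for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): audit `firewall-cmd --list-all`
# output for backend ports open to every source and print scoped replacements.
# ALLOWED_SRC is a placeholder subnet (assumption): set it to the hosts that
# actually need rrdcached, memcached and MariaDB.
ALLOWED_SRC="${ALLOWED_SRC:-192.0.2.0/24}"
BACKEND_PORTS="42217/tcp 11211/tcp 3306/tcp"   # the ports opened on this page

# Reads `firewall-cmd --list-all` text on stdin and prints each backend port
# found on the zone-wide "ports:" line (ignores source-ports/forward-ports).
zone_wide_backend_ports() {
    awk -v want="$BACKEND_PORTS" '
        BEGIN { n = split(want, w, " "); for (i = 1; i <= n; i++) sens[w[i]] = 1 }
        $1 == "ports:" { for (i = 2; i <= NF; i++) if ($i in sens) print $i }'
}

# Reads port/proto specs on stdin and prints (does not run) the commands that
# replace each zone-wide opening with a source-restricted rich rule.
restrict_commands() {
    zone="$1"; changed=0
    while read -r spec; do
        [ -n "$spec" ] || continue
        port="${spec%/*}"; proto="${spec#*/}"; changed=1
        echo "firewall-cmd --zone=$zone --permanent --remove-port=$spec"
        echo "firewall-cmd --zone=$zone --permanent --add-rich-rule='rule family=\"ipv4\" source address=\"$ALLOWED_SRC\" port port=\"$port\" protocol=\"$proto\" accept'"
    done
    if [ "$changed" -eq 1 ]; then echo "firewall-cmd --reload"; fi
}

# Constructed sample, modelled on the output shown above.
SAMPLE_LIST_ALL='public (active)
  target: default
  interfaces: ens32
  services: cockpit dhcpv6-client http https ssh
  ports: 42217/tcp 11211/tcp 3306/tcp
  source-ports:
  rich rules:'

printf '%s\n' "$SAMPLE_LIST_ALL" | zone_wide_backend_ports | restrict_commands public
```

On a live host, pipe the real output in with `firewall-cmd --zone=public --list-all | zone_wide_backend_ports | restrict_commands public` and review the printed commands before running them.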
PXE Config examples
I've set up a local http web server. You can use another web server mirror if you want.
- default
    DEFAULT vesamenu.c32
    PROMPT 0
    MENU TITLE PXE Boot Menu
    MENU INCLUDE pxelinux.cfg/graphics.conf
    MENU AUTOBOOT Starting Local System in 8 seconds

    # Option 1 - Exit PXE Linux & boot normally
    LABEL bootlocal
        menu label ^Boot Normally
        menu default
        localboot 0

    # Option 2 - Run WDS
    LABEL wds
        MENU LABEL ^Windows Deployment Services
        KERNEL pxeboot.0

    # Option 3 - Go to Linux menu
    LABEL linux
        MENU LABEL Linux
        KERNEL vesamenu.c32
        APPEND pxelinux.cfg/linux

    # Option 4 - Go to tools
    LABEL tools
        MENU LABEL Tools
        KERNEL vesamenu.c32
        APPEND pxelinux.cfg/tools

    # Option 5 - Exit PXE Linux
    LABEL Abort
        MENU LABEL ^Exit
        KERNEL abortpxe.0
- linux
    MENU TITLE Linux Operating Systems
    MENU INCLUDE pxelinux.cfg/graphics.conf

    LABEL debian-1004
        MENU LABEL ^Debian 10.04 Netinstall
        KERNEL iso/debian-10.04-netboot/debian-installer/amd64/linux
        APPEND vga=788 initrd=iso/debian-10.04-netboot/debian-installer/amd64/initrd.gz

    LABEL fedora-server-32
        MENU LABEL ^Fedora Server 32
        KERNEL iso/fedora-32-server-netboot/images/pxeboot/vmlinuz
        APPEND initrd=iso/fedora-32-server-netboot/images/pxeboot/initrd.img noapic inst.stage2=http://repo.local.ribbed.us/fedora-server-32/ ip=dhcp

    LABEL centos-8-2-2004
        MENU LABEL ^CentOS 8.2.2004
        KERNEL iso/centos-8-2-2004/vmlinuz
        APPEND initrd=iso/centos-8-2-2004/initrd.img noapic inst.stage2=http://repo.local.ribbed.us/centos-8-2-2004/ ip=dhcp

    LABEL ubuntu-server-2004
        MENU LABEL ^Ubuntu Server 20.04
        KERNEL iso/ubuntu-server-20-04/vmlinuz
        INITRD iso/ubuntu-server-20-04/initrd
        APPEND root=/dev/ram0 ramdisk_size=1500000 ip=dhcp url=http://repo.local.ribbed.us/ubuntu-20.04-live-server-amd64.iso

    LABEL mainmenu
        MENU LABEL ^Go back to Main Menu
        KERNEL vesamenu.c32
        APPEND pxelinux.cfg/default
- tools
    MENU TITLE Tools
    MENU INCLUDE pxelinux.cfg/graphics.conf

    LABEL memtest86
        MENU LABEL ^memtest86
        KERNEL iso/memtest86/ISOLINUX/MEMTEST
Useful wget examples
wget --recursive --no-clobber --no-parent --domains mirror.atl.genesisadaptive.com -R "index.html" http://mirror.atl.genesisadaptive.com/fedora/linux/releases/32/Server/x86_64/os/
This is useful for mirroring directories such as Linux download directories.
- --recursive - downloads every directory
- --no-clobber - do not replace files
- --domains - limit download to a certain domain or sub-domain
- -R "index.html" - don't save index.html files
Install syslinux on Windows Server 2019 WDS
Once Windows Deployment Services is installed and running, locate the folder where WDS is installed. My install is in D:\RemoteInstall.
- Rename pxeboot.n12 in D:\RemoteInstall\Boot\x64 to pxeboot.0.
- Rename abortpxe.com in D:\RemoteInstall\Boot\x86 to abortpxe.0.
- Download syslinux. I used version 5.04. Your mileage may vary with other versions.
- From the syslinux archive, extract core\pxelinux.0, com32\menu\vesamenu.c32, com32\modules\chain.c32, memdisk\memdisk to D:\RemoteInstall\Boot\x86 and D:\RemoteInstall\Boot\x64.
- Rename pxelinux.0 to pxelinux.com in both directories.
- Create the following directories:
  - D:\RemoteInstall\Boot\x64\Linux
  - D:\RemoteInstall\Boot\x64\pxelinux.cfg (this is a directory, not a file)
  - D:\RemoteInstall\Boot\x64\Linux
  - D:\RemoteInstall\Boot\x64\pxelinux.cfg (this is a directory as well)
- Open a command prompt with Administrator permissions and issue the following commands:

      wdsutil /set-server /bootprogram:boot\x86\pxelinux.com /architecture:x86
      wdsutil /set-server /bootprogram:boot\x64\pxelinux.com /architecture:x64
      wdsutil /set-server /N12bootprogram:boot\x86\pxelinux.com /architecture:x86
      wdsutil /set-server /N12bootprogram:boot\x64\pxelinux.com /architecture:x64

- Create two files called default and graphics.conf in D:\RemoteInstall\Boot\x64\pxelinux.cfg and D:\RemoteInstall\Boot\x86\pxelinux.cfg.
- Edit default and add the following text for the default menus:

      DEFAULT vesamenu.c32
      PROMPT 0
      MENU TITLE PXE Boot Menu
      MENU INCLUDE pxelinux.cfg/graphics.conf
      MENU AUTOBOOT Starting Local System in 8 seconds

      # Option 1 - Exit PXE Linux & boot normally
      LABEL bootlocal
          menu label ^Boot Normally
          menu default
          localboot 0
      timeout 80
      TOTALTIMEOUT 9000

      # Option 2 - Run WDS
      LABEL wds
          MENU LABEL ^Windows Deployment Services
          KERNEL pxeboot.0

      # Option 3 - Exit PXE Linux
      LABEL Abort
          MENU LABEL E^xit
          KERNEL abortpxe.0

- Edit graphics.conf and add the following text for the default menus:

      MENU MARGIN 10
      MENU ROWS 16
      MENU TABMSGROW 21
      MENU TIMEOUTROW 26
      MENU COLOR BORDER 30;44 #00000000 #00000000 none
      MENU COLOR SCROLLBAR 30;44 #00000000 #00000000 none
      MENU COLOR TITLE 0 #00269B #00000000 none
      MENU COLOR SEL 30;47 #40000000 #20ffffff
      MENU BACKGROUND background.jpg
      NOESCAPE 0
      ALLOWOPTIONS 0

- Place your ISOs or image files in D:\RemoteInstall\Boot\x64 or D:\RemoteInstall\Boot\x86.
- Edit D:\RemoteInstall\Boot\x64\default or D:\RemoteInstall\Boot\x86 (depending on the architecture of your OS install) and add the following example text:

      LABEL LABELNAME
          MENU LABEL LABELNAME
          Kernel memdisk
          append iso raw initrd=FILENAME.iso

Your filename is the name of your ISO file.
Many distros will have their own way of getting this to boot correctly. For example, while Debian provides a relatively easy path to add a network install, with Ubuntu 20.04, Canonical has taken steps to push people to alternative ways to easily do a traditional network install. Much Googling is to be had. See PXE config examples.
Enable older SSH key exchange methods
When connecting via SSH to older systems that do not support newer key exchange algorithms, you will sometimes get the following error:
Unable to negotiate with 10.192.0.47 port 22: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1
To permanently enable support for this key exchange method, add the following lines to either /etc/ssh/ssh_config to enable it for all accounts or ~/.ssh/config for just your account.
    Host *
        KexAlgorithms +diffie-hellman-group14-sha1
You can change Host * to specify a specific IP. Ex: Host 111.111.111.111.
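Scoping the entry to the one legacy host keeps the SHA-1 key exchange disabled for every other connection. The following is an added example, not part of the original page: a small helper (the name `legacy_stanza` is hypothetical) that turns the error line above into a host-scoped stanza, and generalizes to the "no matching host key type" and "no matching cipher" variants of the same error.

```shell
#!/bin/sh
# Added example (not from the original page): turn an OpenSSH
# "Unable to negotiate" error into an ssh_config stanza scoped to that host.

legacy_stanza() {
    line="$1"
    # Host is the token after "Unable to negotiate with"; some OpenSSH versions
    # print "host:" with no port, so drop a trailing colon.
    host=$(printf '%s\n' "$line" | sed -n 's/^Unable to negotiate with \([^ ]*\).*/\1/p')
    host="${host%:}"
    # The server's offer follows "Their offer:"; strip whitespace and CR.
    offer=$(printf '%s\n' "$line" | sed -n 's/.*Their offer: *//p' | tr -d ' \t\r')
    case "$line" in
        *"no matching key exchange method found"*) opt=KexAlgorithms ;;
        *"no matching host key type found"*)       opt=HostKeyAlgorithms ;;
        *"no matching cipher found"*)              opt=Ciphers ;;
        *) echo "unrecognised negotiation error" >&2; return 1 ;;
    esac
    if [ -z "$host" ] || [ -z "$offer" ]; then
        echo "could not parse host or offer" >&2; return 1
    fi
    # The offer is text sent by the remote side: accept only characters that
    # occur in host and algorithm names before it goes into a config file.
    case "$host$offer" in
        *[!A-Za-z0-9@.,:_+-]*) echo "unexpected characters" >&2; return 1 ;;
    esac
    # "+" appends to the client's defaults instead of replacing them.
    printf 'Host %s\n    %s +%s\n' "$host" "$opt" "$offer"
}

# The error line quoted on this page.
legacy_stanza "Unable to negotiate with 10.192.0.47 port 22: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1"
```

When the server offers several algorithms, the stanza lists all of them; trim it to the strongest one that works before saving it to ~/.ssh/config.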
More docs from OpenSSH Legacy Options.