Toolpack prerequisite CentOS7 A

From TBwiki
(Difference between revisions)
Jump to: navigation, search
(Install the base CentOS 7 server)
Line 22: Line 22:
 
* Select the "Minimal" install package
 
* Select the "Minimal" install package
  
== Configure network connection ==
+
=== Configure network connection ===
After installing CentOS 7 minimal, you may not able to connect network in that machine. This will happen if you did not configure the Ethernet interfaces during the installation.
+
If the IP interface was not configured and enabled during installation, it can be configure with the following command from a console connection or a monitor/keyboard connected to the server.
  
 
To list the ethernet card installed on your machine:
 
To list the ethernet card installed on your machine:
Line 46: Line 46:
 
   yum install net-tools wget
 
   yum install net-tools wget
  
== TelcoBridges repository  ==
+
== Configure TelcoBridges repository  ===
  
Add TelcoBridges repository file  
+
=== Add TelcoBridges repository file ===
  
 
  vi /etc/yum.repos.d/TB-Base.repo
 
  vi /etc/yum.repos.d/TB-Base.repo
Line 67: Line 67:
 
  gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-TB7
 
  gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-TB7
  
== Disable base CentOS repositories  ==
+
=== Disable base CentOS repositories  ===
  
 
Edit the Centos repository configuration file
 
Edit the Centos repository configuration file
Line 110: Line 110:
 
  gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
 
  gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
  
== Get TelcoBridges repository key ==
+
=== Get TelcoBridges repository key ===
  
 
  cd /etc/pki/rpm-gpg/
 
  cd /etc/pki/rpm-gpg/
 
  wget http://repo.telcobridges.com/centos/7/os/x86_64/RPM-GPG-KEY-TB7
 
  wget http://repo.telcobridges.com/centos/7/os/x86_64/RPM-GPG-KEY-TB7
  
== CentOS update ==
+
=== CentOS update ===
  
 
Update your system to latest packages
 
Update your system to latest packages

Revision as of 09:58, 13 May 2016

Applies to version(s) v2.8 to v2.9

WARNING: The host MUST have been installed with the CentOS 7 DVD/ISO pointed in this procedure.

WARNING: The host MUST have been installed using the "Minimal" package set within the CentOS installation wizard.

WARNING: This procedure requires internet access and a DNS configured on your unit.

Contents

Install the base CentOS 7 server

Download the following DVD image:

http://download.distribution.telcobridges.com/3rdparty/prerequisite/bin/centos/CentOS-7.0-1406-x86_64-DVD.iso

Press Enter to choose the graphical installation:

  • Enable the ethernet interface and set the hostname (make sure it is not localhost.localdomain)
  • Select the "Minimal" install package

Configure network connection

If the IP interface was not configured and enabled during installation, it can be configure with the following command from a console connection or a monitor/keyboard connected to the server.

To list the ethernet card installed on your machine:

nmcli d

If your device shows the STATE as "disconnect", start the Network manager by typing:

nmtui
  • Select "Edit a connection" and press Enter
  • Select your network interface, select "Edit" (use arrows to change options), press Enter
  • Set IPv4 static address or choose “Automatic” (for DHCP) in IPv4 CONFIGURATION and check "Automatically connect" check box.
  • Select "Quit", press Enter
service network restart

Check your ip interface using:

ip addr

Add base packages

To continue installation, you need to download a few packages not provided by the minimal installation:

 yum install net-tools wget

Configure TelcoBridges repository =

Add TelcoBridges repository file

vi /etc/yum.repos.d/TB-Base.repo

Paste the following information in that file:

# TelcoBridges-Base.repo
#
# This repository is using TelcoBridges frozen version of CentOS
# to help client installing the required version of the
# applications required to run Toolpack
#

[tb-base]
name=TelcoBridges-$releasever - Base
baseurl=http://repo.telcobridges.com/centos/7/os/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-TB7

Disable base CentOS repositories

Edit the Centos repository configuration file

vi /etc/yum.repos.d/CentOS-Base.repo

Disable all repositories in that file. Example:

[base]
enabled=0
name=CentOS-$releasever - Base
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os
#baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7

#released updates
[updates]
enabled=0
name=CentOS-$releasever - Updates
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates
#baseurl=http://mirror.centos.org/centos/$releasever/updates/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7

#additional packages that may be useful
[extras]
enabled=0
name=CentOS-$releasever - Extras
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras
#baseurl=http://mirror.centos.org/centos/$releasever/extras/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7

#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-$releasever - Plus
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus
#baseurl=http://mirror.centos.org/centos/$releasever/centosplus/$basearch/
gpgcheck=1
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7

Get TelcoBridges repository key

cd /etc/pki/rpm-gpg/
wget http://repo.telcobridges.com/centos/7/os/x86_64/RPM-GPG-KEY-TB7

CentOS update

Update your system to latest packages

yum clean all
yum update

If there was a kernel update, you need to reboot the machine to activate it:

shutdown -r now

Reply to ARP only on local interfaces

Modify the file /etc/sysctl.conf to add the following lines:

 net.ipv4.conf.default.arp_ignore=1
 net.ipv4.conf.all.arp_ignore=1

Then restart network interfaces using the following command:

 service network restart

Disabling SELinux

Check SELinux status

 sestatus

If SELinux is enable, see the Disabling SELinux article to disable it.

Disabling Firewalld

systemctl mask firewalld
systemctl stop firewalld

Install Toolpack Prerequisites

Then, install Toolpack set of pre-requisite packages. When asked to 'Importing GPG key', answer yes.

yum groupinstall Toolpack-Prerequisites

Configure ODBC

Be sure that Toolpack system is stopped before manipulating MySQL.

tbtoolpack stop
vi /etc/odbcinst.ini

Remove the '#' in front of each lines of the [MySQL] section Modify the 'Driver' line to set the correct driver


Example:

[MySQL]
Description     = ODBC for MySQL
Driver          = /usr/lib/libmyodbc5.so
Setup           = /usr/lib/libodbcmyS.so
Driver64        = /usr/lib64/libmyodbc5.so
Setup64         = /usr/lib64/libodbcmyS.so
FileUsage       = 1

Configure MariaDB

vi /etc/my.cnf

Add these variables in the file under the [mysqld] section:

  • log-bin=mariadb-bin
  • relay-log=mariadb-relay-bin
  • innodb_doublewrite=1
  • innodb_flush_log_at_trx_commit=1
  • sync_binlog=1
  • expire_logs_days=30
  • max_binlog_size=500M
  • server-id=[UniqueId]

The server-id needs to be a non-zero unique value (do not use 0). If you use the host redundancy feature, the value MUST to be different on each host .


Add below to remove database dependencies with DNS servers (**Applicable to TMG users only)

 skip-name-resolve


Add max_allowed_packet to increase the maximum size of binary blobs in the database. Make sure it is in the [mysqld] section AND [mysqldump] section

 max_allowed_packet = 200MB

Example:

[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
symbolic-links=0
log-bin=mariadb-bin
server-id=1123476
max_allowed_packet = 200MB
skip-name-resolve
expire_logs_days=30
max_binlog_size=500M
relay-log=mariadb-relay-bin
innodb_doublewrite=1
innodb_flush_log_at_trx_commit=1
sync_binlog=1

[mysqldump] 
max_allowed_packet = 200MB



Enable and start MariaDB

systemctl enable mariadb
systemctl start mariadb


Use the MariaDB wizard to secure your server installation.

mysql_secure_installation

You should:

  • Set new root password
  • Remove anonymous users
  • Disallow root login remotely
  • Remove test database and accesses
  • Reload privilege tables

Example:

mysql_secure_installation

Set root password? [Y/n] Y
New password: AVeryStrongPassword
Re-enter new password: AVeryStrongPassword
Password updated successfully!
Reloading privilege tables..
 ... Success!
Remove anonymous users? [Y/n] Y
 ... Success!
Disallow root login remotely? [Y/n] Y
 ... Success!
Remove test database and access to it? [Y/n] Y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!
Reload privilege tables now? [Y/n] Y
 ... Success!
Cleaning up...
Thanks for using MariaDB!

Restart the MariaDB service

systemctl restart mariadb

Configure MariaDB user

  • Create a tbdb user (required by Toolpack)

Example:

mysql -uroot -pAVeryStrongPassword

USE mysql;
CREATE USER 'tbdb'@'%' IDENTIFIED BY 'tbdbpw';
GRANT ALL PRIVILEGES ON *.* TO 'tbdb'@'%' IDENTIFIED BY 'tbdbpw';
FLUSH PRIVILEGES;
exit

Install additional ruby gems

  • Install json gem:
gem install json

Toolpack Development Prerequisite (Optional)

The Toolpack System Development prerequisite section is only required for customers that will develop their own application using the Toolpack API:

yum install libxml2-devel libpcap-devel unixODBC-devel libaio libaio-devel libxslt

Validation Guide (highly recommended)

If you would like to verify your installation go to the Toolpack Validation Guide


Toolpack System installation

Now that the prerequisite are installed, now it is time to install the Toolpack system

Personal tools