Toolpack prerequisite CentOS7 A
Cboulanger (Talk | contribs) (Forgot mysqldump section) |
Cboulanger (Talk | contribs) (Asked to remove base repository before installing toolpack!) |
||
Line 12: | Line 12: | ||
''WARNING'': This procedure assumes the Centos 7 machine was installed using the "Server with GUI" package set OR was installed from the TelcoBridges repository image. | ''WARNING'': This procedure assumes the Centos 7 machine was installed using the "Server with GUI" package set OR was installed from the TelcoBridges repository image. | ||
</span> | </span> | ||
+ | |||
+ | == CentOS update == | ||
+ | |||
+ | Update your system to CentOS 7 | ||
+ | |||
+ | yum clean metadata | ||
+ | yum update | ||
+ | |||
+ | If there was a kernel update, you need to reboot the machine to activate it: | ||
+ | |||
+ | shutdown -r now | ||
== Stop toolpack system (if it is running) == | == Stop toolpack system (if it is running) == | ||
Line 38: | Line 49: | ||
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 | gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 | ||
− | == | + | == Disable base CentOS repositories == |
− | + | Edit the Centos repository configuration file | |
− | + | ||
− | + | vim /etc/yum.repos.d/CentOS-Base.repo | |
− | + | Disable all repositories in that file. Example: | |
− | + | [base] | |
− | + | '''enabled=0''' | |
+ | name=CentOS-$releasever - Base | ||
+ | mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os | ||
+ | #baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/ | ||
+ | gpgcheck=1 | ||
+ | gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 | ||
+ | |||
+ | #released updates | ||
+ | [updates] | ||
+ | '''enabled=0''' | ||
+ | name=CentOS-$releasever - Updates | ||
+ | mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates | ||
+ | #baseurl=http://mirror.centos.org/centos/$releasever/updates/$basearch/ | ||
+ | gpgcheck=1 | ||
+ | gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 | ||
+ | |||
+ | #additional packages that may be useful | ||
+ | [extras] | ||
+ | '''enabled=0''' | ||
+ | name=CentOS-$releasever - Extras | ||
+ | mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras | ||
+ | #baseurl=http://mirror.centos.org/centos/$releasever/extras/$basearch/ | ||
+ | gpgcheck=1 | ||
+ | gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 | ||
+ | |||
+ | #additional packages that extend functionality of existing packages | ||
+ | [centosplus] | ||
+ | name=CentOS-$releasever - Plus | ||
+ | mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus | ||
+ | #baseurl=http://mirror.centos.org/centos/$releasever/centosplus/$basearch/ | ||
+ | gpgcheck=1 | ||
+ | '''enabled=0''' | ||
+ | gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 | ||
− | + | == Get TelcoBridges repository key == | |
− | + | cd /etc/pki/rpm-gpg/ | |
+ | wget http://repo.telcobridges.com/centos/7/os/x86_64/RPM-GPG-KEY-TB7 | ||
=== Reply to ARP only on local interfaces === | === Reply to ARP only on local interfaces === | ||
Line 88: | Line 131: | ||
wget http://download.distribution.telcobridges.com/3rdparty/prerequisite/bin/linux/bundler-1.2.3.gem | wget http://download.distribution.telcobridges.com/3rdparty/prerequisite/bin/linux/bundler-1.2.3.gem | ||
gem install --local ./bundler-1.2.3.gem | gem install --local ./bundler-1.2.3.gem | ||
− | + | ||
wget http://download.distribution.telcobridges.com/3rdparty/prerequisite/bin/linux/json-1.7.7.gem | wget http://download.distribution.telcobridges.com/3rdparty/prerequisite/bin/linux/json-1.7.7.gem | ||
gem install --local ./json-1.7.7.gem | gem install --local ./json-1.7.7.gem | ||
Line 145: | Line 188: | ||
skip-name-resolve | skip-name-resolve | ||
expire_logs_days=60 | expire_logs_days=60 | ||
− | + | ||
[mysqldump] | [mysqldump] | ||
max_allowed_packet = 200MB | max_allowed_packet = 200MB |
Revision as of 12:20, 9 September 2014
This page shows the Toolpack 2-8 prerequisites for CentOS 7.
WARNING: The host MUST have CentOS 7 installed.
WARNING: This procedure requires internet access and a DNS configured on your unit.
WARNING: This procedure assumes the Centos 7 machine was installed using the "Server with GUI" package set OR was installed from the TelcoBridges repository image.
Contents[hide] |
CentOS update
Update your system to CentOS 7
yum clean metadata yum update
If there was a kernel update, you need to reboot the machine to activate it:
shutdown -r now
Stop toolpack system (if it is running)
tbtoolpack stop
TelcoBridges repository
Add TelcoBridges repository file
vim /etc/yum.repos.d/TB-Base.repo
Paste the following information in that file:
# TelcoBridges-Base.repo # # This repository is using TelcoBridges frozen version of CentOS # to help client installing the required version of the # applications required to run Toolpack # [tb-base] name=TelcoBridges-$releasever - Base baseurl=http://repo.telcobridges.com/centos/7/os/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Disable base CentOS repositories
Edit the Centos repository configuration file
vim /etc/yum.repos.d/CentOS-Base.repo
Disable all repositories in that file. Example:
[base] enabled=0 name=CentOS-$releasever - Base mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os #baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 #released updates [updates] enabled=0 name=CentOS-$releasever - Updates mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates #baseurl=http://mirror.centos.org/centos/$releasever/updates/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 #additional packages that may be useful [extras] enabled=0 name=CentOS-$releasever - Extras mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras #baseurl=http://mirror.centos.org/centos/$releasever/extras/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 #additional packages that extend functionality of existing packages [centosplus] name=CentOS-$releasever - Plus mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus #baseurl=http://mirror.centos.org/centos/$releasever/centosplus/$basearch/ gpgcheck=1 enabled=0 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Get TelcoBridges repository key
cd /etc/pki/rpm-gpg/ wget http://repo.telcobridges.com/centos/7/os/x86_64/RPM-GPG-KEY-TB7
Reply to ARP only on local interfaces
Modify the file /etc/sysctl.conf to add the following lines:
net.ipv4.conf.default.arp_ignore=1 net.ipv4.conf.all.arp_ignore=1
Then restart network interfaces using the following command:
service network restart
Disabling SELinux
Check SELinux status
sestatus
If SELinux is enable, see the Disabling SELinux article to disable it.
Disabling Firewalld
systemctl mask firewalld systemctl stop firewalld
Install Toolpack Prerequisites
When asked to 'Importing GPG key', answer yes.
yum groupinstall Toolpack-Prerequisites
Install Gem
wget http://download.distribution.telcobridges.com/3rdparty/prerequisite/bin/linux/bundler-1.2.3.gem gem install --local ./bundler-1.2.3.gem wget http://download.distribution.telcobridges.com/3rdparty/prerequisite/bin/linux/json-1.7.7.gem gem install --local ./json-1.7.7.gem
Configure ODBC
Be sure that Toolpack system is stopped before manipulating MySQL.
tbtoolpack stop
vim /etc/odbcinst.ini
Remove the '#' in front of each lines of the [MySQL] section Modify the 'Driver' line to set the correct driver
Example:
[MySQL] Description = ODBC for MySQL Driver = /usr/lib/libmyodbc5.so Setup = /usr/lib/libodbcmyS.so Driver64 = /usr/lib64/libmyodbc5.so Setup64 = /usr/lib64/libodbcmyS.so FileUsage = 1
Configure MariaDB
vim /etc/my.cnf
Add these variables in the file under the [mysqld] section:
- log-bin
- server-id=[UniqueId]
The server-id needs to be a non-zero unique value (do not use 0). If you use the host redundancy feature, the value needs to be different on each host .
Add max_allowed_packet to increase the maximum size of binary blobs in the database. Make sure it is in the [mysqld] section AND [mysqldump] section
max_allowed_packet = 200MB
Add below to remove database dependencies with DNS servers (**Applicable to TMG users only)
skip-name-resolve
Add this to make sure the mysql logs don't get too big
expire_logs_days=60
Example:
[mysqld] datadir=/var/lib/mysql socket=/var/lib/mysql/mysql.sock symbolic-links=0 log-bin server-id=1123476 max_allowed_packet = 200MB skip-name-resolve expire_logs_days=60 [mysqldump] max_allowed_packet = 200MB
Enable and start MariaDB
systemctl enable mariadb systemctl start mariadb
Use the MariaDB wizard to secure your server installation.
mysql_secure_installation
You should:
- Set new root password
- Remove anonymous users
- Disallow root login remotely
- Remove test database and accesses
- Reload privilege tables
Example:
mysql_secure_installation Set root password? [Y/n] Y New password: AVeryStrongPassword Re-enter new password: AVeryStrongPassword Password updated successfully! Reloading privilege tables.. ... Success! Remove anonymous users? [Y/n] Y ... Success! Disallow root login remotely? [Y/n] Y ... Success! Remove test database and access to it? [Y/n] Y - Dropping test database... ... Success! - Removing privileges on test database... ... Success! Reload privilege tables now? [Y/n] Y ... Success! Cleaning up... Thanks for using MariaDB!
Restart the MariaDB service
systemctl restart mariadb
Configure MariaDB user
- Create a tbdb user (required by Toolpack)
Example:
mysql -uroot -pAVeryStrongPassword USE mysql; CREATE USER 'tbdb'@'%' IDENTIFIED BY 'tbdbpw'; GRANT ALL PRIVILEGES ON *.* TO 'tbdb'@'%' IDENTIFIED BY 'tbdbpw'; FLUSH PRIVILEGES; exit