How to boot RHEL 7 / CentOS 7 to single user runlevel or rescue mode (emergency.target) ?

January 10, 2018, 8:56 pm

≫ Next: How to create a sequence which start with 1 and next value will be 0 and then next value is 1 and then 0 .. and so on ... is this possible ?

≪ Previous: Tutorial / Cheatsheet:12 practical examples for different sudo access based scenarios in RHEL 7 / CentOS 7

Starting from RHEL 7 the runlevel concept is no more and now the formerly known as runlevel 1 is called emergency.target
So we will use the term "emergency.target" for "runlevel 1"

There can be two possible scenarios for going into emergency target level

You have a working setup with a shell
You machine is unable to boot

Based on the scenario type you can choose the steps to be followed

Scenario 1: When you have a working shell

In this case you can hit the below command to change your existing runlevel to "emergency.target"

You can use below command to switch to rescue mode

[root@golinuxhub ~]# systemctl isolate rescue.target
 PolicyKit daemon disconnected from the bus.
 We are no longer a registered authentication agent.

[root@golinuxhub ~]# systemctl rescue
 PolicyKit daemon disconnected from the bus.
 We are no longer a registered authentication agent.

 Broadcast message from root@golinuxhub.lab on pts/1 (Sun 2017-12-24 23:47:08 IST):

 The system is going down to rescue mode NOW!

IMPORTANT NOTE: This command is similar to systemctl isolate rescue.target, but it also sends an informative message to all users that are currently logged into the system. To prevent systemd from sending this message, run this command with the --no-wall command line option:

# systemctl --no-wall rescue

Scenario 2: When you do not have working shell

If you are having boot up related issues then it is obvious that you would want to go to emergency target to get a shell for further troubleshooting the issue
Now with RHEL 7 the steps to switch to emergency.target is completely different from the steps as used in RHEL 6 and earlier variants

Steps to switch runlevel to emergency.target

Once the GRUB menu appears during bootup process you will see a splash screen which will contain the list of available kernel for bringing up the system, for my system I only have one kernel installed along with a rescue image
Choose the kernel you want to edit using the arrow key to highlight the kernel using which you want to enter into emergency.target
then press the letter "e" key to edit the boot entry

    Red Hat Enterprise Linux Server (3.10.0-693.el7.x86_64) 7.4 (Maipo)
    Red Hat Enterprise Linux Server (0-rescue-d6e5b9fa407542fcbcaa72e7e6b777e2) 7.4 (Maipo)

    Use the ^ and v keys to change the selection.                      
    Press 'e' to edit the selected item, or 'c' for a command prompt.

The next screen should look similar to the below example of me selecting the 3.10.0-693.el7.x86_64 kernel for editing.

setparams 'Red Hat Enterprise Linux Server (3.10.0-693.el7.x86_64) 7.4 (Maipo)'

        load_video
        set gfxpayload=keep
        insmod gzio
        insmod part_msdos
        insmod xfs
        set root='hd0,msdos1'
        if [ x$feature_platform_search_hint = xy ]; then
          search --no-floppy --fs-uuid --set=root --hint-bios=hd0,msdos1 --hint-efi=hd0,msdos1 --hint-baremetal=ahci0,msdos1 --hint='hd0,msdos1'  af0be92e-0721-46b8-affd-60f9baff3652
        else
          search --no-floppy --fs-uuid --set=root af0be92e-0721-46b8-affd-60f9baff3652
        fi
        linux16 /vmlinuz-3.10.0-693.el7.x86_64 root=/dev/mapper/rhel-root ro rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet net.ifnames=0 systemd.unit=emergency.target
        initrd16 /initramfs-3.10.0-693.el7.x86_64.img

      Press Ctrl-x to start, Ctrl-c for a command prompt or Escape to    
      discard edits and return to the menu. Pressing Tab lists          
      possible completions.

Look out for line starting with "linux16" on the screen using the arrow button, for some cases it can also be linux and linuxefi
Once the blinking cursor is on this respective line press the "End" key from the keyboard to go to the end of this line
Give a "blank space" and provide the detail of target you want to boot your system into, for example to boot into emergency target use the below syntax
systemd.unit=emergency.target

The line should look like below after editing

linux16 /vmlinuz-3.10.0-693.el7.x86_64 root=/dev/mapper/rhel-root ro rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet net.ifnames=0 systemd.unit=emergency.target

Next once done hit "Enter" to save the line
Lastly press "Ctrl + x" to boot the system using the changes you have done
Next thing you will observe below screen where you must enter "root" user password to continue

After giving the password you will get the shell

↧

How to create a sequence which start with 1 and next value will be 0 and then next value is 1 and then 0 .. and so on ... is this possible ?

January 14, 2018, 5:18 am

≫ Next: How to create a user (normal and root) using kickstart configuration file in RHEL 7 / CentOS 7

≪ Previous: How to boot RHEL 7 / CentOS 7 to single user runlevel or rescue mode (emergency.target) ?

SQL> CREATE SEQUENCE TEST_SEQ_A
           START WITH 1
           MINVALUE 0
           MAXVALUE 1
           INCREMENT BY -1
           NOCACHE
           ORDER
           CYCLE ;

SQL> Insert into test(seq) values(TEST_SEQ_A.nextval);
SQL> Select *from test;

Output:

1
0
1
0
1
0....

↧

How to create a user (normal and root) using kickstart configuration file in RHEL 7 / CentOS 7

January 15, 2018, 6:51 am

≫ Next: How to clean temporary files automatically using systemd-tmpfiles in RHEL 7 / CentOS 7

≪ Previous: How to create a sequence which start with 1 and next value will be 0 and then next value is 1 and then 0 .. and so on ... is this possible ?

I have already written an article explaining the various syntax used in the kickstart file of Red Hat Enterprise Linux 7 with examples and sample kickstart configuration file.

Understanding syntax used in kickstart configuration file for RHEL 7 / CentOS 7

Creating root user

In kickstart configuration file by default root user will be created as soon as we assign password so we need not add additional function to create "root" user

Parameter to be used
rootpw (required)
Sets the system's root password to the password argument.
rootpw [--iscrypted|--plaintext] [--lock] password
If you already have encrypted password handy then you can use below syntax
rootpw --iscrypted $6$uiq8l/7xEWsYXhrvaEgan4N21yhLa8K.U7UA12Th3PD11GOXvEcI40gp1
Here as you see I have provided the encrypted password so this will create the "root" user and assign this password to the user
--iscrypted - If this option is present, the password argument is assumed to already be encrypted.
To encrypt the password

# python -c 'import crypt,getpass;pw=getpass.getpass();print(crypt.crypt(pw) if (pw==getpass.getpass("Confirm: ")) else exit())'
Password:
Confirm:
$6$NQxcaeY.Pvm1FWBl$LriLt5PFtqUUs0sJgUhpAwOc4n9dwJ0sx1qPDVXHZzXq0GnA8ZpuLkJG9QoGb5JwUv2/3JZLJBjDTUJXIP3bS.This generates a sha512 crypt-compatible hash of your password using a random salt.

Creating normal user

In kickstart configuration file to create a user use the below syntax

Syntax
user --name=username [options]

Below are some of the options which can be used with above syntax

--name= - Provides the name of the user. This option is required.

--gecos= - Provides the GECOS information for the user. This is a string of various system-specific fields separated by a comma. It is frequently used to specify the user's full name, office number, and so on. See the passwd(5) man page for more details.

--groups= - In addition to the default group, a comma separated list of group names the user should belong to. The groups must exist before the user account is created. See the group command.

--homedir= - The home directory for the user. If not provided, this defaults to /home/username.

--lock - If this option is present, this account is locked by default. This means that the user will not be able to log in from the console. This option will also disable the Create User screens in both the graphical and text-based manual installation.

--password= - The new user's password. If not provided, the account will be locked by default.

--iscrypted - If this option is present, the password argument is assumed to already be encrypted. This option is mutually exclusive with --plaintext.

--shell= - The user's login shell. If not provided, the system default is used.

--uid= - The user's UID (User ID). If not provided, this defaults to the next available non-system UID.

--gid= - The GID (Group ID) to be used for the user's group. If not provided, this defaults to the next available non-system group ID.

To create an encrypted password, you can use python:

Example
user --name=deepak --groups=wheel --plaintext --password=abcd@123
Above uses a plaintext password, if you have encrypted password handy use the below syntax

user --name=deepak --groups=wheel --iscrypted --password=$6$NQxcaeY.Pvm1FWBl$LriLt5PFtqUUs0sJgUhpAwOc4n9dwJ0sx1qPDVXHZzXq0GnA8ZpuLkJG9QoGb5JwUv2/3JZLJBjDTUJXIP3bS.

I hope the article was useful.

↧

How to clean temporary files automatically using systemd-tmpfiles in RHEL 7 / CentOS 7

January 20, 2018, 3:55 am

≫ Next: How to check if Hyper Threading (HT) is enabled or disabled on my Linux server

≪ Previous: How to create a user (normal and root) using kickstart configuration file in RHEL 7 / CentOS 7

Have you also come across a situation when your filesystem gets piled up with unwanted files and you have to step in manually clean up all the unwanted temporary files and directories.

With Red Hat Enterprise Linux 7 we have a new systemd unit file (systemd-tmpfiles) introduced which can do the dirty work for you automatically.

In RHEL 6 we had a similar solution namely tmpwatch which used to clean up temporary files, the tmpwatch utility recursively searches through specified directories and removes files which have not been accessed in a specified period of time.

systemd-tmpfiles creates, deletes, and cleans up volatile and temporary files and directories, based on the configuration file format and location specified in tmpfiles.d

The configuration files are located in different places and they have a hierarchical priority process. The configuration locations for systemd-tmpfiles service have the following order priority (Highest to lower):

/etc/tmpfiles.d/*.conf
/run/tmpfiles.d/*.conf
/usr/lib/tmpfiles.d/*.conf

Supposing that a configuration file with the same name is placed under all the three configuration directories, the file with highest priority will be the one in /etc.
The configuration files placed under /run are created at runtime by services/daemons to control temporary directory cleaning processes.
And, as usual, configuration files under /usr/lib/* should be never edited directly because they’re vendor-provided you should override them using this priority mechanism, placing a custom file under /etc/tmpfiles.d/*.

Looking at configuration file syntax, a systemd-tmpfiles configuration contains:

Type, Path, Mode, UID, GID, Age, and Arguments

r Remove a file or directory if it exists. This may not be used to remove non-empty directories, use R for that. Lines of this type accept shell-style globs in place of normal path names.

For example I create a configuration file inside "/etc/tmpfiles.d"

# cat tmp.conf
# Remove /tmp/test directory and its content
r /tmp/test/

Before running this I will create a directory

# mkdir /tmp/test

Lets manually run systemd-tmpfiles to check if this work

# env SYSTEMD_LOG_LEVEL=debug systemd-tmpfiles --remove
Skipping overridden file: /usr/lib/tmpfiles.d/tmp.conf.
Reading config file "/etc/tmpfiles.d/tmp.conf".
Running remove action for entry r /tmp/test

The 'test' directory is removed

# ls /tmp/test
ls: cannot access /tmp/test: No such file or directory

But what if the directory has some content

For this situation we need different variable

R Recursively remove a path and all its subdirectories (if it is a directory). Lines of this type accept shell-style globs in place of normal path names.

Looks like it works

When does the clean up happens automatically?

Systemd gives you the timer unit for controlling scheduled and cyclic actions to be performed in the running system.

You can inspect the behaviour of the timer unit by querying the systemd daemon

# systemctl status systemd-tmpfiles-clean.timer
â systemd-tmpfiles-clean.timer - Daily Cleanup of Temporary Directories
Loaded: loaded (/usr/lib/systemd/system/systemd-tmpfiles-clean.timer; static; vendor preset: disabled)
Active: active (waiting) since Sat 2018-01-20 23:55:24 IST; 15h ago
Docs: man:tmpfiles.d(5)
man:systemd-tmpfiles(8)

Jan 20 23:55:24 Ban17-rds01-b systemd[1]: Started Daily Cleanup of Temporary Directories.
Jan 20 23:55:24 Ban17-rds01-b systemd[1]: Starting Daily Cleanup of Temporary Directories.

If you check the systemd unit file for this service it will give you more details

# systemctl cat systemd-tmpfiles-clean.timer
# /usr/lib/systemd/system/systemd-tmpfiles-clean.timer
# This file is part of systemd.
#
# systemd is free software; you can redistribute it and/or modify it
# under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation; either version 2.1 of the License, or
# (at your option) any later version.

[Unit]
Description=Daily Cleanup of Temporary Directories
Documentation=man:tmpfiles.d(5) man:systemd-tmpfiles(8)

[Timer]
OnBootSec=15min
OnUnitActiveSec=1d

As you’ll find on the timer unit, it will run just 15 minutes after systemd start, and then every 24 hours from that time onward. The command, in this case, will only affect files/directories purging/cleaning.

Once the system boots up, a special unit file is executed: systemd-tmpfiles-setup, this unit will execute the systemd-tmpfile --create --remove command.

I will create a test directory again under /tmp and create a configuration file to clear this directory as above

# cat /etc/tmpfiles.d/tmp.conf
# Remove /tmp/test directory and its content
r /tmp/test/

Next reboot my system to validate the changes

# reboot

Next monitor the logs

Jan 20 16:44:24 Ban17-adm-a systemd: Stopped Daily Cleanup of Temporary Directories.
Jan 20 16:44:24 Ban17-adm-a systemd: Stopping Daily Cleanup of Temporary Directories.

While starting up the system

Jan 20 16:49:14 Ban17-adm-a systemd: Started Daily Cleanup of Temporary Directories.
Jan 20 16:49:14 Ban17-adm-a systemd: Starting Daily Cleanup of Temporary Directories.

Once the system is accessible again lets check if '/tmp/test' exists

# ls /tmp/test
ls: cannot access /tmp/test: No such file or directory

So this is cleaned automatically.

I hope the article was useful.

↧

How to check if Hyper Threading (HT) is enabled or disabled on my Linux server

January 20, 2018, 7:06 am

≫ Next: How to limit CPU count or disable CPUs in a multi core server in RHEL 7 / CentOS 7

≪ Previous: How to clean temporary files automatically using systemd-tmpfiles in RHEL 7 / CentOS 7

In some online articles I have observed, tells that you can use below commands to validate the status of Hyper Threading

# dmidecode | grep -i HTT
HTT (Multi-threading)
HTT (Multi-threading)

Also below command can be used

# cat /proc/cpuinfo | grep -o ht | uniq
ht

Please NOTE the above commands tells us that the server supports hyper threading but it has no information on the current status of hyper threading on that server.

To check if hyper threading is enabled or not first of all you must know about the CPU model you are using, you may need to refer to the CPU vendor's documentation for this information

Using the below command you can find the CPU vendor and model number using which you can easily get the CPU documentation from the vendor page.

# grep "model name" proc/cpuinfo | sort -u
model name : Intel(R) Xeon(R) CPU E5-2640 v3 @ 2.60GHz

Next you must look out for below information from the CPU documentation, I found mine at Intel® Xeon® Processor E5 v3 Family

Here look out for number of cores the CPU has i.e. no. of threads as it shows below

# of Cores8
# of Threads16

So with this we know my CPU has total 16 logical CPUs if HT is not enabled and 32 logical CPUs if HT is enabled

Now lets checking the real stats from the server, 'lscpu' and '/proc/cpuinfo' are the two tools which will help us get this information

Below is my output of lscpu

# lscpu
Architecture: x86_64
CPU op-mode(s): 32-bit, 64-bit
Byte Order: Little Endian
CPU(s): 32
On-line CPU(s) list: 0-31
Thread(s) per core: 2
Core(s) per socket: 8
Socket(s): 2
NUMA node(s): 1
Vendor ID: GenuineIntel
CPU family: 6
Model: 63
Model name: Intel(R) Xeon(R) CPU E5-2640 v3 @ 2.60GHz
Stepping: 2
CPU MHz: 2600.000
CPU max MHz: 2600.0000
CPU min MHz: 1200.0000
BogoMIPS: 5193.74
Virtualization: VT-x
L1d cache: 32K
L1i cache: 32K
L2 cache: 256K
L3 cache: 20480K
NUMA node0 CPU(s): 0-31

Here is my first HINT, it shows we have 2 sockets, 8 cores and 2 thread per core.
That is unlikely and mostly in systems with disabled hyper threading we would get "1 thread per core"

Check the total number of physical CPUs

The following command will show how many active physical processors a system has

# grep physical.id /proc/cpuinfo | sort -u | wc -l
2

Number of cores per CPU

On a system with multi-core processors, the following command should report the number of CPU cores per physical processor (though in rare cases it might not).

Example: If this number is 8 and physical CPUs is 2, then each of the 2 physical processors has 8 CPU cores, leading to a total of 16 cores.

# grep cpu.cores /proc/cpuinfo | sort -u
cpu cores : 8

We can validate the same using below command, using this we can check the number of cores per physical CPUs
For the first CPU (0)

# cat /proc/cpuinfo | egrep -E "^physical|core id"| xargs -l2 | sort -u | awk -F ""'{print $4}' | grep 0 | wc -l
8

For the second CPU (1)

# cat /proc/cpuinfo | egrep -E "^physical|core id"| xargs -l2 | sort -u | awk -F ""'{print $4}' | grep 1 | wc -l
8

Again coming back to the calculation

For this with 2 physical CPUs(sockets) and 8 cores we would expect 16 logical CPUs if hyper threading is not enabled

# grep processor /proc/cpuinfo | wc -l
32

But here we have 32 CPUs so this clearly stats that hyper threading is enabled.

Lets take an example from another of my server where HT is disabled

# lscpu
Architecture: x86_64
CPU op-mode(s): 32-bit, 64-bit
Byte Order: Little Endian
CPU(s): 16
On-line CPU(s) list: 0-15
Thread(s) per core: 1
Core(s) per socket: 8
Socket(s): 2
NUMA node(s): 1
Vendor ID: GenuineIntel
CPU family: 6
Model: 63
Model name: Intel(R) Xeon(R) CPU E5-2640 v3 @ 2.60GHz
Stepping: 2
CPU MHz: 2600.000
CPU max MHz: 2600.0000
CPU min MHz: 1200.0000
BogoMIPS: 5193.67
Virtualization: VT-x
L1d cache: 32K
L1i cache: 32K
L2 cache: 256K
L3 cache: 20480K
NUMA node0 CPU(s): 0-15

Here as you see "Threads per core" is 1 so this gives us a HINT that there is a possibility that HT is disabled

Check the no of cores

# grep cpu.cores /proc/cpuinfo | sort -u
cpu cores : 8

Here if we multiply the no of sockets (2) with no of cores (8) then we must have 16 cores if HT is not enabled

# grep processor /proc/cpuinfo | wc -l
16

So we know now HT is disabled on this server.

I hope the article was useful.

↧

How to limit CPU count or disable CPUs in a multi core server in RHEL 7 / CentOS 7

January 20, 2018, 9:56 am

≫ Next: How to disable or enable hyper threading on my Linux server

≪ Previous: How to check if Hyper Threading (HT) is enabled or disabled on my Linux server

There are three different methods using which the number of CPU can be limited in Red Hat Enterprise Linux 7.

Method 1: maxcpus

Using maxcpus parameter : Add kernel parameter maxcpus=N in /boot/grub2/grub.cfg.

IMPORTANT NOTE:
It is not possible to disable CPU0 on Red Hat Enterprise Linux systems.

After enabling above parameter it is not possible to HOT plug more CPU's Online.

maxcpus= [SMP] Maximum number of processors that an SMP kernel should make use of. maxcpus=n : n >= 0 limits the kernel to using 'n' processors.
n=0 is a special case, it is equivalent to "nosmp", which also disables the IO APIC.

Provide the CPU count which you want to use in your system by using maxcpus variable under 'GRUB_CMDLINE_LINUX' in "/etc/sysconfig/grub" as shown below I am limiting the CPU count to 6

GRUB_TIMEOUT=5
GRUB_DISTRIBUTOR="$(sed 's, release .*$,,g' /etc/system-release)"
GRUB_DEFAULT=saved
GRUB_DISABLE_SUBMENU=true
GRUB_TERMINAL_OUTPUT="console"
GRUB_CMDLINE_LINUX="novga panic=1 numa=off crashkernel=auto noht rhgb quiet console=tty0 maxcpus=6"
GRUB_DISABLE_RECOVERY="true"

Next regenerate the grub2 configuration file using

# grub2-mkconfig -o /boot/grub2/grub.cfg
Generating grub configuration file ...
Found linux image: /boot/vmlinuz-3.10.0-693.5.2.el7.x86_64
Found initrd image: /boot/initramfs-3.10.0-693.5.2.el7.x86_64.img
Found linux image: /boot/vmlinuz-0-rescue-1334797d644549a8aa195f756eaab1e1
Found initrd image: /boot/initramfs-0-rescue-1334797d644549a8aa195f756eaab1e1.img
done

Validate your changes

# grep maxcpus /boot/grub2/grub.cfg
linux16 /vmlinuz-3.10.0-693.5.2.el7.x86_64 root=/dev/mapper/os-root ro novga panic=1 numa=off crashkernel=auto rhgb quiet console=tty0 maxcpus=6
linux16 /vmlinuz-0-rescue-1334797d644549a8aa195f756eaab1e1 root=/dev/mapper/os-root ro novga panic=1 numa=off crashkernel=auto rhgb quiet console=tty0 maxcpus=6

Due to a known BUG in systemd kernel adds an udev rule that automatically sets CPUs to "online" state after they appear in the system hence that must be disabled for maxcpus to work
This rule can be disabled using the below command in /usr/lib/udev/rules.d/40-redhat.rules file

# sed -i 's/^$SUBSYSTEM=="cpu".*TEST=="online".*ATTR{online}="1"$/#\1/'/usr/lib/udev/rules.d/40-redhat.rules

Here we are commenting out below line which enables CPU during the reboot of the system

#SUBSYSTEM=="cpu", ACTION=="add", TEST=="online", ATTR{online}=="0", ATTR{online}="1"

Next rebuild the initramfs

# dracut -f

Next reboot the blade to make the changes affect and validate the number of cpus once the node comes up

# cat /proc/cmdline
BOOT_IMAGE=/vmlinuz-3.10.0-693.5.2.el7.x86_64 root=/dev/mapper/os-root ro novga panic=1 numa=off crashkernel=auto rhgb quiet console=tty0 maxcpus=6

# grep processor /proc/cpuinfo | wc -l
6

# lscpu | grep -i numa
NUMA node(s): 1
NUMA node0 CPU(s): 0-5

As you see now we have only 6 cpu cores.

Method 2: nr_cpus

Using nr_cpus parameter : Add kernel parameter nr_cpus=N in /boot/grub2/grub.cfg

IMPORTANT NOTE:
It is not possible to disable CPU0 on Red Hat Enterprise Linux systems.

After enabling above parameter it is not possible to HOT plug more CPU's Online.

nr_cpus= [SMP] Maximum number of processors that an SMP kernel could support. nr_cpus=n : n >= 1 limits the kernel to supporting 'n' processors.

Provide the CPU count which you want to use in your system by using maxcpus variable under GRUB_CMDLINE_LINUX in "/etc/sysconfig/grub" as shown below I am limiting the CPU count to 5

GRUB_TIMEOUT=5
GRUB_DISTRIBUTOR="$(sed 's, release .*$,,g' /etc/system-release)"
GRUB_DEFAULT=saved
GRUB_DISABLE_SUBMENU=true
GRUB_TERMINAL_OUTPUT="console"
GRUB_CMDLINE_LINUX="novga panic=1 numa=off crashkernel=auto rhgb quiet console=tty0 nr_cpus=5"
GRUB_DISABLE_RECOVERY="true"

Next regenerate the grub2 configuration file using

# grub2-mkconfig -o /boot/grub2/grub.cfg
Generating grub configuration file ...
Found linux image: /boot/vmlinuz-3.10.0-693.5.2.el7.x86_64
Found initrd image: /boot/initramfs-3.10.0-693.5.2.el7.x86_64.img
Found linux image: /boot/vmlinuz-0-rescue-1be8540dbd0449f4b6c1a94f585eb350
Found initrd image: /boot/initramfs-0-rescue-1be8540dbd0449f4b6c1a94f585eb350.img
done

Validate your changes

# grep nr_cpus /boot/grub2/grub.cfg
linux16 /vmlinuz-3.10.0-693.5.2.el7.x86_64 root=/dev/mapper/os-root ro novga panic=1 numa=off crashkernel=auto noht rhgb quiet console=tty0 nr_cpus=5
linux16 /vmlinuz-0-rescue-1be8540dbd0449f4b6c1a94f585eb350 root=/dev/mapper/os-root ro novga panic=1 numa=off crashkernel=auto rhgb quiet console=tty0 nr_cpus=5

Before going for reboot lets check the available cores

# grep processor /proc/cpuinfo | wc -l
16

Next reboot the server to activate the changes
Once the system comes up validate the cpu count active on the system

# grep processor /proc/cpuinfo
processor : 0
processor : 1
processor : 2
processor : 3
processor : 4

Method 3

Manually disable individual CPU using "/sys/devices/system/cpu/cpu<id>/online" file

IMPORTANT NOTE:

This method is temporary and will not be persistent across reboot.

Below article contains more details on the steps to use this method

How to disable or enable hyper threading on my Linux server

I hope the article was useful.

↧

How to disable or enable hyper threading on my Linux server

January 21, 2018, 5:15 am

≫ Next: How to assign a service to a specific core using systemd in RHEL 7 / CentOS 7

≪ Previous: How to limit CPU count or disable CPUs in a multi core server in RHEL 7 / CentOS 7

Hyper threading uses processor resources more efficiently, enabling multiple threads to run on each

core. As a performance feature, it also increases processor throughput, improving overall performance on threaded software. A single physical CPU core with hyper-threading appears as two logical CPUs to an operating system.

Use below link to check the status of hyper threading on your Linux server

How to check if Hyper Threading (HT) is enabled or disabled on my Linux server

The recommended way to disable HT is by disabling in the BIOS, if possible but this can also be done via operating system using the below steps.

Disable HT on runtime for individual logical CPUs

Before starting let's check the lscpu stat

# lscpu
Architecture: x86_64
CPU op-mode(s): 32-bit, 64-bit
Byte Order: Little Endian
CPU(s): 32
On-line CPU(s) list: 0-31
Thread(s) per core: 2
Core(s) per socket: 8
Socket(s): 2

Here it shows that there are 2 threads per core so we know most likely hyper threading is enabled

The following files will show all of the logical CPU's and their HT pair relationships

# grep -H . /sys/devices/system/cpu/cpu*/topology/thread_siblings_list

To determine which CPUs should be disabled, the threads running on the same CPU core have to be identified. The files /sys/devices/system/cpu/cpuN/topology/thread_siblings_list where N is the CPU socket number. This file will contain the logical (HT) CPU numbers for each physical socket.

# grep -H . /sys/devices/system/cpu/cpu*/topology/thread_siblings_list | sort -n -t ',' -k 2 -u
/sys/devices/system/cpu/cpu0/topology/thread_siblings_list:0,16
/sys/devices/system/cpu/cpu17/topology/thread_siblings_list:1,17
/sys/devices/system/cpu/cpu18/topology/thread_siblings_list:2,18
/sys/devices/system/cpu/cpu19/topology/thread_siblings_list:3,19
/sys/devices/system/cpu/cpu20/topology/thread_siblings_list:4,20
/sys/devices/system/cpu/cpu21/topology/thread_siblings_list:5,21
/sys/devices/system/cpu/cpu22/topology/thread_siblings_list:6,22
/sys/devices/system/cpu/cpu23/topology/thread_siblings_list:7,23
/sys/devices/system/cpu/cpu24/topology/thread_siblings_list:8,24
/sys/devices/system/cpu/cpu25/topology/thread_siblings_list:9,25
/sys/devices/system/cpu/cpu10/topology/thread_siblings_list:10,26
/sys/devices/system/cpu/cpu11/topology/thread_siblings_list:11,27
/sys/devices/system/cpu/cpu12/topology/thread_siblings_list:12,28
/sys/devices/system/cpu/cpu13/topology/thread_siblings_list:13,29
/sys/devices/system/cpu/cpu14/topology/thread_siblings_list:14,30
/sys/devices/system/cpu/cpu15/topology/thread_siblings_list:15,31

This means that CPU0 and CPU16 are threads on the same core. The same for 1 and 17 and so on. Individual, logical HT CPUs could be turned off as needed for a specific application that is bound to a physical core.

Or the following script would disable all of them, from logical CPU 16 through 31

# cat /tmp/disable_ht.sh
#!/bin/bash
for i in {12..23}; do
echo "Disabling logical HT core $i."
echo 0> /sys/devices/system/cpu/cpu${i}/online;
done

To disable individual logical CPU use the below command and replace <cpu_id> with the id from (16..31)

echo 0> /sys/devices/system/cpu/<cpu_id>/online

To re-enable the HT

# cat /tmp/enable_ht.sh
for i in {12..23}; do
echo "Enabling logical HT core $i."
echo 1> /sys/devices/system/cpu/cpu${i}/online;
done

Disable HT permanently

For Linux Variants with GRUB
for example in SuSE Enterprise Linux 11

# vim /boot/grub/menu.lst
# Modified by YaST2. Last modification on Wed Nov 8 00:37:57 CET 2017
default 0
timeout 8
##YaST - activate

###Don't change this comment - YaST2 identifier: Original name: linux###
title SUSE Linux Enterprise Server 11 SP4 - 3.0.101-71.1.10543.0.PTF
root (hd0,4)
kernel /vmlinuz root=/dev/md1 console=ttyS0,115200 console=tty0 splash=silent crashkernel= showopts panic=1 numa=off noht
initrd /initrd

Lastly reboot the server to activate the changes.

For Linux Variants with GRUB2
To disable hyper threading permanently append 'noht' under 'GRUB_CMDLINE_LINUX' in '/etc/sysconfig/grub' file as shown below

Next regenerate the grub2 configuration file using

# grub2-mkconfig -o /boot/grub2/grub.cfg
Generating grub configuration file ...
Found linux image: /boot/vmlinuz-3.10.0-514.el7.x86_64
Found initrd image: /boot/initramfs-3.10.0-514.el7.x86_64.img
Found linux image: /boot/vmlinuz-0-rescue-a311757619b943238cda551a0f1b2743
Found initrd image: /boot/initramfs-0-rescue-a311757619b943238cda551a0f1b2743.img
done

Lastly reboot the server to activate the changes.

I hope the article is useful.

↧

How to assign a service to a specific core using systemd in RHEL 7 / CentOS 7

January 21, 2018, 5:16 am

≫ Next: How to check and update planned day light saving (DST) changes (timezone) in Linux

≪ Previous: How to disable or enable hyper threading on my Linux server

If your service is a multithread service then it may run on multiple cores based on the availability of the threads and if the service runs on a single core than again it will run on different thread every time the service is restarted but then atleast it will continue to use single thread until this service is restarted.

Learn to check which thread or core a process is running on using below link

How to find out on which core a process is running on in Linux

how can I assign a specific core to a service?

For example I have a test.service

# systemctl status test.service
â test.service - LSB: start any SW, when required
Loaded: loaded (/etc/rc.d/init.d/test; enabled; vendor preset: disabled)
Active: active (exited) since Sun 2018-01-21 00:04:55 IST; 31s ago
Docs: man:systemd-sysv-generator(8)
Process: 22045 ExecStop=/etc/rc.d/init.d/test stop (code=exited, status=0/SUCCESS)
Process: 22066 ExecStart=/etc/rc.d/init.d/test start (code=exited, status=0/SUCCESS)

Using below command you can check the core it is using

# grep -i cpu /proc/2206?/status
Cpus_allowed: 1000
Cpus_allowed_list: 12

Now if I restart the servcie and check the PID of the service you will observe the core number will most likely change

# systemctl status test.service
â test.service - LSB: start any SW, when required
Loaded: loaded (/etc/rc.d/init.d/test; enabled; vendor preset: disabled)
Active: active (exited) since Sun 2018-01-21 00:06:07 IST; 7s ago
Docs: man:systemd-sysv-generator(8)
Process: 22290 ExecStop=/etc/rc.d/init.d/test stop (code=exited, status=0/SUCCESS)
Process: 22312 ExecStart=/etc/rc.d/init.d/test start (code=exited, status=0/SUCCESS)

As you see earlier this service was running on 12th core and now it is running on 6th core.

# grep -i cpu /proc/2231?/status
Cpus_allowed: 0040
Cpus_allowed_list: 6

Lets assign a core on which we want this service to run always

# vim /etc/systemd/system/test.service
...
[Service]
CPUAffinity=13
Type=forking
Restart=no
...

Since we modified the unit file we must refresh the configuration before restarting the service

# systemctl daemon-reload

# systemctl restart test.service

Next check the status and PID of the service

# systemctl status test.service
â test.service - LSB: start any SW, when required
Loaded: loaded (/etc/rc.d/init.d/test; enabled; vendor preset: disabled)
Active: active (exited) since Sun 2018-01-21 00:01:51 IST; 2s ago
Docs: man:systemd-sysv-generator(8)
Process: 21944 ExecStop=/etc/rc.d/init.d/test stop (code=exited, status=0/SUCCESS)
Process: 21966 ExecStart=/etc/rc.d/init.d/test start (code=exited, status=0/SUCCESS)

So as expected now the service is running on the assigned core i.e. 13

# grep -i cpu /proc/2196?/status
Cpus_allowed: 2000
Cpus_allowed_list: 13

Let's change it to a different core number

# vim /etc/systemd/system/test.service
...
[Service]
CPUAffinity=15
Type=forking
Restart=no
...

Followed by reloading the unit configuration file and restart of the respective service

# systemctl daemon-reload

# systemctl restart test.service

Next check the status and PID of the service

# systemctl status test.service
â test.service - LSB: start any SW, when required
Loaded: loaded (/etc/rc.d/init.d/test; enabled; vendor preset: disabled)
Active: active (exited) since Sat 2018-01-20 23:59:14 IST; 13s ago
Docs: man:systemd-sysv-generator(8)
Process: 21760 ExecStop=/etc/rc.d/init.d/test stop (code=exited, status=0/SUCCESS)
Process: 21782 ExecStart=/etc/rc.d/init.d/test start (code=exited, status=0/SUCCESS)

Using the below command we get the core on which this test service is running and as expected it is running on 15th core

# grep -i cpu /proc/2178?/status
Cpus_allowed: 8000
Cpus_allowed_list: 15

I hope the article is useful.

↧

How to check and update planned day light saving (DST) changes (timezone) in Linux

January 21, 2018, 5:14 am

≫ Next: 10 examples to customize or change the login prompt using PS1 variable of bash shell in Linux

≪ Previous: How to assign a service to a specific core using systemd in RHEL 7 / CentOS 7

Daylight Saving Time happens in multiple countries across the globe and in many places the DST keeps changing every couple of years.

IMPORTANT NOTE: If your system is configured with online NTP pool servers then you need not worry about the leap seconds or DST changes as NTP server will take care of all these changes and will adjust your system clock accordingly.

Below article assumes that you don't have a NTP server and are dependent on locally installed timezone (tzdata) rpm.

How do I check the planned DST changes for a timezone?

You can get this information from (https://www.timeanddate.com) but you must make sure that your local system is also in sync with the DST changes as showed under (https://www.timeanddate.com)

For example I would like to see the planned DST changes for CET timezone.
From (https://www.timeanddate.com/time/change/germany/berlin) we get the below information

25 Mar 2018 - Daylight Saving Time Starts
When local standard time is about to reach
Sunday, 25 March 2018, 02:00:00 clocks are turned forward 1 hour to
Sunday, 25 March 2018, 03:00:00 local daylight time instead.

28 Oct 2018 - Daylight Saving Time Ends
When local daylight time is about to reach
Sunday, 28 October 2018, 03:00:00 clocks are turned backward 1 hour to
Sunday, 28 October 2018, 02:00:00 local standard time instead.

Lets match if with the DST changes available on my system

# zdump -v /usr/share/zoneinfo/CET | grep 2018
/usr/share/zoneinfo/CET Sun Mar 25 00:59:59 2018 UTC = Sun Mar 25 01:59:59 2018 CET isdst=0 gmtoff=3600
/usr/share/zoneinfo/CET Sun Mar 25 01:00:00 2018 UTC = Sun Mar 25 03:00:00 2018 CEST isdst=1 gmtoff=7200
/usr/share/zoneinfo/CET Sun Oct 28 00:59:59 2018 UTC = Sun Oct 28 02:59:59 2018 CEST isdst=1 gmtoff=7200
/usr/share/zoneinfo/CET Sun Oct 28 01:00:00 2018 UTC = Sun Oct 28 02:00:00 2018 CET isdst=0 gmtoff=3600

So we know that my local timeone rpm is capable enough to handle the DST changes.

With RHEL 7 with timedatectl also we can get this information on the planned DST changes

# timedatectl status
Local time: Sun 2018-03-25 03:00:00 CEST
Universal time: Sun 2018-03-25 01:00:00 UTC
RTC time: Sun 2018-03-25 01:25:41
Time zone: CET (CEST, +0200)
NTP enabled: yes
NTP synchronized: no
RTC in local TZ: no
DST active: yes
Last DST change: DST began at
Sun 2018-03-25 01:59:59 CET
Sun 2018-03-25 03:00:00 CEST
Next DST change: DST ends (the clock jumps one hour backwards) at
Sun 2018-10-28 02:59:59 CEST
Sun 2018-10-28 02:00:00 CET

But do we know it will really work?

Let us validate this by manually tweaking our local timezone and date

First change the local timezone to CET, the existing timezone as you see is 'Asia/Kolkata'

# ll /etc/localtime
lrwxrwxrwx. 1 root root 34 Jan 11 12:28 /etc/localtime -> ../usr/share/zoneinfo/Asia/Kolkata

Change it to CET

# ln -s ../usr/share/zoneinfo/CET /etc/localtime

# ll /etc/localtime
lrwxrwxrwx 1 root root 25 Jan 21 11:51 /etc/localtime -> ../usr/share/zoneinfo/CET

My current date and time

# date
Sun Jan 21 11:52:07 CET 2018

Lets change it to "Sun Mar 25 01:59:59 2018 CET" when we know the DST change should make the system clock shift one hour ahead

# date --set "25 Mar 2018 1:59:56 CET"
Sun Mar 25 01:59:56 CET 2018

On another terminal I have a while loop running to monitor the changing time

# while true;do echo -n checking DST changes with timezone ;date;sleep 1; done
checking DST changes with timezone Sun Mar 25 01:59:56 CET 2018
checking DST changes with timezone Sun Mar 25 01:59:57 CET 2018
checking DST changes with timezone Sun Mar 25 01:59:58 CET 2018
checking DST changes with timezone Sun Mar 25 01:59:59 CET 2018
checking DST changes with timezone Sun Mar 25 03:00:00 CEST 2018
checking DST changes with timezone Sun Mar 25 03:00:01 CEST 2018
checking DST changes with timezone Sun Mar 25 03:00:02 CEST 2018
checking DST changes with timezone Sun Mar 25 03:00:03 CEST 2018

If you notice the time changed from 01:59:59 to 03:00:00 because of the planned DST change

Next lets check the DST end changes which as per the timezone is scheduled at 28th oct 2018 when the time shifts back one hour

# date --set "28 Oct 2018 02:59:56 CEST"
Sun Oct 28 02:59:56 CEST 2018

Using our while loop

# while true;do echo -n "checking DST changes with timezone "; date;sleep 1; done
checking DST changes with timezone Sun Oct 28 02:59:56 CEST 2018
checking DST changes with timezone Sun Oct 28 02:59:57 CEST 2018
checking DST changes with timezone Sun Oct 28 02:59:58 CEST 2018
checking DST changes with timezone Sun Oct 28 02:59:59 CEST 2018
checking DST changes with timezone Sun Oct 28 02:00:00 CET 2018
checking DST changes with timezone Sun Oct 28 02:00:01 CET 2018
checking DST changes with timezone Sun Oct 28 02:00:02 CET 2018
checking DST changes with timezone Sun Oct 28 02:00:03 CET 2018

So the DST ended with expected timeshift from 02:59:59 to 02:00:00.

What should I do if the timezone (tzdata) rpm does not has planned DST changes?

Many times it can happen that the DST schedule changes without much prior notification, so in such situation you are very much dependent on NTP but what if you don't have NTP server?
In that case you have to make sure you have the latest timezone (tzdata) rpm which has the new changes for the specific timezone.

For Red Hat you can get the list of changes done for individual tzdata rpm under below page
https://access.redhat.com/articles/1187353

In case your vendor has not yet released a tzadata rpm file and you need a new fix then you can always download it from the main source of tz database

For latest available tzdata
https://www.iana.org/time-zones

If you want to access older tzdata archive
ftp://ftp.iana.org/tz/

For the sake of this article I will give an example from a recent scenario
In the year 2016 Turkey government announced not to have DST changes anymore so the old tzdata rpm was not aware of this change hence if not updated it will continue to shift the time as per the old planned DST changes

My existing tzdata rpm

# rpm -qa | grep tzdata
tzdata-2016a-1.el7.noarch

which is currently unaware that now for Turkey timezone there should be no more DST changes after the year 2016

# zdump -v /usr/share/zoneinfo/Turkey | grep 2017
/usr/share/zoneinfo/Turkey Sun Mar 26 00:59:59 2017 UTC = Sun Mar 26 02:59:59 2017 EET isdst=0 gmtoff=7200
/usr/share/zoneinfo/Turkey Sun Mar 26 01:00:00 2017 UTC = Sun Mar 26 04:00:00 2017 EEST isdst=1 gmtoff=10800
/usr/share/zoneinfo/Turkey Sun Oct 29 00:59:59 2017 UTC = Sun Oct 29 03:59:59 2017 EEST isdst=1 gmtoff=10800
/usr/share/zoneinfo/Turkey Sun Oct 29 01:00:00 2017 UTC = Sun Oct 29 03:00:00 2017 EET isdst=0 gmtoff=7200

As you see if I check the planned DST changes for the year 2017, it still shows me that the DST will start on '26th March' from 'EET' to 'EEST' and will end on '29th Oct' from 'EEST' to 'EET' again.

To fix this we need updated tzdata rpm with the necessary changes, this was updated in 2016g tzadata rpm so I downloaded the same from IANA database (ftp://ftp.iana.org/tz/)

and copied the same to my setup

# mkdir /tmp/tzdb
# cp /root/tzdata2016g.tar.gz /tmp/tzdb/
# tar -xzf tzdata2016g.tar.gz

next extract the needed timezone file here

In the NEWS file you should get the information regarding the Turkey time changes

Turkey switched from EET/EEST (+02/+03) to permanent +03,
effective 2016-09-07. (Thanks to Burak AYDIN.) Use "+03" rather
than an invented abbreviation for the new time.

Lets extract the needed timezone file and place it on our system

# zic -d zoneinfo europe

This will create a directory zoneinfo and will extract all the timezone files under europe
Here we will have 'Istanbul' timezone which is same as Turkey, overwrite the existing Istanbul timezone with the new one

# cp ./zoneinfo/Asia/Istanbul /usr/share/zoneinfo/Asia/Istanbul
cp: overwrite â/usr/share/zoneinfo/Asia/Istanbulâ? y

If you observe I only modified Istanbul timezone but my 3 files are updated

# rpm -V tzdata
S.5....T. /usr/share/zoneinfo/Asia/Istanbul
S.5....T. /usr/share/zoneinfo/Europe/Istanbul
S.5....T. /usr/share/zoneinfo/Turkey

So now lets see if this timezone has the updated information about the new time changes from Turkey government.

First lets check for the year 2017

# zdump -v /usr/share/zoneinfo/Asia/Istanbul | grep 2017
zdump: warning: zone "/usr/share/zoneinfo/Asia/Istanbul" abbreviation "+04" lacks alphabetic at start

As expected there are no planned DST changes in the year 2017 as Turkey government ended the DST in 2016 itself

For the year 2016 if you will compare the output from our last old tzdata rpm

# zdump -v /usr/share/zoneinfo/Asia/Istanbul | grep 2016
zdump: warning: zone "/usr/share/zoneinfo/Asia/Istanbul" abbreviation "+04" lacks alphabetic at start
/usr/share/zoneinfo/Asia/Istanbul Sun Mar 27 00:59:59 2016 UTC = Sun Mar 27 02:59:59 2016 EET isdst=0 gmtoff=7200
/usr/share/zoneinfo/Asia/Istanbul Sun Mar 27 01:00:00 2016 UTC = Sun Mar 27 04:00:00 2016 EEST isdst=1 gmtoff=10800
/usr/share/zoneinfo/Asia/Istanbul Tue Sep 6 20:59:59 2016 UTC = Tue Sep 6 23:59:59 2016 EEST isdst=1 gmtoff=10800
/usr/share/zoneinfo/Asia/Istanbul Tue Sep 6 21:00:00 2016 UTC = Wed Sep 7 00:00:00 2016 +03 isdst=0 gmtoff=10800

The DST will end on Sep 7 and the timezone will change from EEST to '+03' instead of 'EET'

IMPORTANT NOTE: The above will only update system level timezone, all the java applications follow their own timezone hence you have to make sure you update the tzdata of your JRE separately or else your java based alarms will continue to use old date and time.

I will write an article shortly with the steps to update tzdata for JRE

I hope the article was useful.

↧

10 examples to customize or change the login prompt using PS1 variable of bash shell in Linux

February 10, 2018, 3:31 am

≫ Next: How to customize and change color of the bash login prompt in Linux

≪ Previous: How to check and update planned day light saving (DST) changes (timezone) in Linux

After your Linux node boots up and once you enter your username and password, you are provided with a shell prompt which looks something like below

my-linux-setup:~ #

When executing interactively, bash displays the primary prompt PS1 when it is ready to read a command, and the secondary prompt PS2 when it needs more input to complete a command.

Bash allows these prompt strings to be customized by inserting a number of backslash-escaped special characters that are decoded as follows:

\a an ASCII bell character (07)
\d the date in "Weekday Month Date" format (e.g., "Tue May 26")
\D the format is passed to strftime(3) and the result is inserted into the prompt string; an empty format results in a locale-specific time representation. The braces are required
\e an ASCII escape character (033)
\h the hostname up to the first `.'
\H the hostname
\j the number of jobs currently managed by the shell
\l the basename of the shell's terminal device name
\n newline
\r carriage return
\s the name of the shell, the basename of $0 (the portion following the final slash)
\t   the current time in 24-hour HH:MM:SS format
\T   the current time in 12-hour HH:MM:SS format
\@ the current time in 12-hour am/pm format
\A the current time in 24-hour HH:MM format
\u the username of the current user
\v the version of bash (e.g., 2.00)
\V the release of bash, version + patch level (e.g., 2.00.0)
\w the current working directory, with $HOME abbreviated with a tilde (uses the value of the PROMPT_DIRTRIM variable)
\W the basename of the current working directory, with $HOME abbreviated with a tilde
\! the history number of this command
\#   the command number of this command
\$ if the effective UID is 0, a #, otherwise a $
\nnn the character corresponding to the octal number nnn
\\   a backslash
\[ begin a sequence of non-printing characters, which could be used to embed a terminal control sequence into the prompt

There are ways to change this as per your requirement, lets go through some of the examples

Display only the hostname

# export PS1='[\h :~]# '

[my-linux-setup :~]#

Display only the current working directory

# export PS1='[\w :~]# '

[/var/lib :~]#

Display hostname and current working directory with complete path

# export PS1='[\h:\w :~]# '

[my-linux-setup:/var/lib :~]#

Display hostname and current working directory name

# export PS1='[\h\W :~]# '

[my-linux-setup lib :~]# pwd
/var/lib

Display username, hostname and current working directory with path

# export PS1='[\u@\h\w :~]# '

[root@my-linux-setup/var/lib :~]#

Display username, hostname and current working directory name

# export PS1='[\u@\h\W :~]# '

[root@my-linux-setuplib :~]# pwd
/var/lib

Display username, FQDN and current working directory with path

# export PS1='[\u@\H\w]# '

[root@my-linux-setup.example/var/lib]#

Display date along with hostname and username

# export PS1='[\u@\h\d]# '

[root@my-linux-setupSat Feb 10]#

Display current time with username and hostname

# export PS1='[\u@\h\A ~]# '

[root@my-linux-setup16:20 ~]#
[root@my-linux-setup16:22 ~]#
[root@my-linux-setup16:24 ~]#
[root@my-linux-setup16:26 ~]#

Display the current shell name along with username and hostname

# export PS1='[\u@\h \s ~]# '

[root@my-linux-setup-bash ~]#

Changed the shell to 'sh'

[root@my-linux-setup-bash ~]# sh
[root@my-linux-setupsh ~]#

↧

How to customize and change color of the bash login prompt in Linux

February 11, 2018, 1:01 am

≫ Next: Step by Step tutorial guide to configure BIND DNS server in chroot environment for Red Hat (RHEL/CentOS) 7

≪ Previous: 10 examples to customize or change the login prompt using PS1 variable of bash shell in Linux

There are various method we can use to customize and change the colour of the login prompt of your bash shell in Linux.

Follow below link to customize or change the view of the login prompt

10 examples to customize or change the login prompt using PS1 variable of bash shell in Linux

Below are some of the colour codes

Black ->30
Red   ->31
Green ->32
Yellow   ->33
Blue ->34
Magenta ->35
Cyan   ->36
White ->37
Bright Black ->90
Bright Red   ->91
Bright Green ->92
Bright Yellow ->93
Bright Blue ->94
Bright Magenta ->95
Bright Cyan ->96
Bright White ->97

Octal Method

start -> \033[0m
end -> \033[m

Bash Method

start -> \e
end -> \e[m

IMPORTANT NOTE: Additional escape characters must be added for PS1 variable so that bash can interpret them correctly, without which you may face problem while searching for history or running history based commands using 'ctrl +r'

Below additional prompt must be added additionally

start -> \[
end -> \]

Using Octal Format

My login prompt

[root@golinuxhub ~]#

Change the color of the prompt to 'RED'

# export PS1='\[\033[31m\][\u@\h ~]#\[\033[m\]'

Below image shows complete list of color codes

Similarly you can modify the command to change the prompt to different colors, you only need to care about below format while using the above command

start -> \[\033[31m\] <-- Here modify '31m' with the color number
end -> \[\033[m\] <-- to reset the terminal or else your commands would also appear with the same color

Using Bash Format

My login prompt

[root@golinuxhub ~]#

Change the color of the prompt to 'YELLOW'

# export PS1='\[\e[33m\][\u@\h]#\[\e[m\] '

Change the color of the prompt to "BRIGHT WHITE"

# export PS1='\[\e[97m\][\u@\h]#\[\e[m\]'

Below image shows complete list of color codes

Similarly you can modify the command to change the prompt to different colors, you only need to care about below format while using the above command

start -> \[\e[33m\] <-- Here modify '31m' with the color number
end -> \[\e[m\] <-- to reset the terminal or else your commands would also appear with the same color

I hope the article was useful.

↧

Step by Step tutorial guide to configure BIND DNS server in chroot environment for Red Hat (RHEL/CentOS) 7

February 12, 2018, 9:17 am

≫ Next: How to change or customise login prompt for ksh shell in Linux (with examples)

≪ Previous: How to customize and change color of the bash login prompt in Linux

I have already written two articles to configure BIND DNS server in chroot environment for different BIND versions on Red Hat Enterprise Linux 6

Step by step tutorial to configure BIND-9.8 DNS server in Red Hat Linux 6
Step by step tutorial to configure BIND-9.2 DNS server in Red Hat Linux 6

In this article I will share the list of steps to configure DNS server on RHEL 7 or CentOS 7.

For the demonstration of the steps I have used Red Hat Enterprise Linux 7.4
Our aim to create one A record and one PTR record for forward and reverse lookup respectively.

Firstly install the required rpms to configure your DNS server
# yum install bind bind-chroot caching-nameserver

My setup details

# hostname
golinuxhub-client.example

My IP address is 192.168.1.7

# ip address | egrep 'inet.*enp0s3'
inet 192.168.1.7/24 brd 192.168.1.255 scope global dynamic enp0s3

Since we will be using chroot environment disable the below services

# systemctl stop named

# systemctl disable named

Next copy the required files inside chroot directory.

NOTE: Use -p argument along with cp command to preserve the permission and ownership of all the files and directories

[root@golinuxhub-client ~]# cp -rpvf /usr/share/doc/bind-9.9.4/sample/etc/* /var/named/chroot/etc/
‘/usr/share/doc/bind-9.9.4/sample/etc/named.conf’ -> ‘/var/named/chroot/etc/named.conf’
‘/usr/share/doc/bind-9.9.4/sample/etc/named.rfc1912.zones’ -> ‘/var/named/chroot/etc/named.rfc1912.zones’

Next copy the zone related files inside the new location

[root@golinuxhub-client ~]# cp -rpvf /usr/share/doc/bind-9.9.4/sample/var/named/* /var/named/chroot/var/named/
‘/usr/share/doc/bind-9.9.4/sample/var/named/data’ -> ‘/var/named/chroot/var/named/data’
‘/usr/share/doc/bind-9.9.4/sample/var/named/my.external.zone.db’ -> ‘/var/named/chroot/var/named/my.external.zone.db’
‘/usr/share/doc/bind-9.9.4/sample/var/named/my.internal.zone.db’ -> ‘/var/named/chroot/var/named/my.internal.zone.db’
‘/usr/share/doc/bind-9.9.4/sample/var/named/named.ca’ -> ‘/var/named/chroot/var/named/named.ca’
‘/usr/share/doc/bind-9.9.4/sample/var/named/named.empty’ -> ‘/var/named/chroot/var/named/named.empty’
‘/usr/share/doc/bind-9.9.4/sample/var/named/named.localhost’ -> ‘/var/named/chroot/var/named/named.localhost’
‘/usr/share/doc/bind-9.9.4/sample/var/named/named.loopback’ -> ‘/var/named/chroot/var/named/named.loopback’
‘/usr/share/doc/bind-9.9.4/sample/var/named/slaves’ -> ‘/var/named/chroot/var/named/slaves’
‘/usr/share/doc/bind-9.9.4/sample/var/named/slaves/my.ddns.internal.zone.db’ -> ‘/var/named/chroot/var/named/slaves/my.ddns.internal.zone.db’
‘/usr/share/doc/bind-9.9.4/sample/var/named/slaves/my.slave.internal.zone.db’ -> ‘/var/named/chroot/var/named/slaves/my.slave.internal.zone.db’

Lets start configuring our primary configuration file

# cd /var/named/chroot/etc/

Clear the existing named.conf and paste the below content

[root@golinuxhub-client etc]# vim named.conf
options {
listen-on port 53 { 127.0.0.1; any; };
# listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { localhost; any; };
allow-query-cache { localhost; any; };
};

logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};

view my_resolver {
match-clients { localhost; any; };
recursion yes;
include "/etc/named.rfc1912.zones";
};

The zone related content information must be added in /var/named/chroot/etc/named.rfc1912.zones, append the below entries.

Here example.zone is our forward zone file while example.rzone is our reverse zone file for reverse lookup entry

IMPORTANT NOTE: The reverse lookup zone contains 1.168.192 because my host IP is 192.168.1.7

zone "example" IN {
type master;
file "example.zone";
allow-update { none; };
};

zone "1.168.192.in-addr.arpa" IN {
type master;
file "example.rzone";
allow-update { none; };
};

The zone related files are available under below path

# cd /var/named/chroot/var/named/

Next lets create our forward and reverse zone file, the filenames will be same as what we gave in our named.rfc1912.zones file above, we already have some default templates which we can use as below

# cp -p named.localhost example.zone
# cp -p named.loopback example.rzone

As you see the existing permission of all the files and directories are owned by root

[root@golinuxhub-client named]# ll
total 32
drwxr-xr-x. 2 root root 6 May 22 2017 data
-rw-r--r--. 1 root root 168 May 22 2017 example.rzone
-rw-r--r--. 1 root root 152 May 22 2017 example.zone
-rw-r--r--. 1 root root 56 May 22 2017 my.external.zone.db
-rw-r--r--. 1 root root 56 May 22 2017 my.internal.zone.db
-rw-r--r--. 1 root root 2281 May 22 2017 named.ca
-rw-r--r--. 1 root root 152 May 22 2017 named.empty
-rw-r--r--. 1 root root 152 May 22 2017 named.localhost
-rw-r--r--. 1 root root 168 May 22 2017 named.loopback
drwxr-xr-x. 2 root root 71 Feb 12 21:02 slaves

Change the permission of all the files under this location with root as user owner and named as the group owner

# chown root:named *

Although for the data partition the user and group owner must be 'named'

# chown -R named:named data

# ls -l
total 32
drwxr-xr-x. 2 named named 6 May 22 2017 data
-rw-r--r--. 1 root named 168 May 22 2017 example.rzone
-rw-r--r--. 1 root named 152 May 22 2017 example.zone
-rw-r--r--. 1 root named 56 May 22 2017 my.external.zone.db
-rw-r--r--. 1 root named 56 May 22 2017 my.internal.zone.db
-rw-r--r--. 1 root named 2281 May 22 2017 named.ca
-rw-r--r--. 1 root named 152 May 22 2017 named.empty
-rw-r--r--. 1 root named 152 May 22 2017 named.localhost
-rw-r--r--. 1 root named 168 May 22 2017 named.loopback
drwxr-xr-x. 2 root named 71 Feb 12 21:02 slaves

Append the below content for our forward zone file. Here we are creating A record for our localhost (golinuxhub-client) and one more for one of my server node (golinuxhub-server)

# vim example.zone
$TTL 1D
@ IN SOA example. root (
1 ; serial
3H ; refresh
15M ; retry
1W ; expire
1D ) ; minimum

IN NS example.

IN A 192.168.1.7
golinuxhub-server IN A 192.168.1.5
golinuxhub-client IN A 192.169.1.7

Append the below content for our reverse zone file. Here we are creating PTR record for our localhost and one more for one of my server node (golinuxhub-server)

# vim example.rzone
$TTL 1D
@ IN SOA example. root.example. (
1997022700 ; serial
28800 ; refresh
14400 ; retry
3600000 ; expire
86400 ) ; minimum

IN NS example.
5 IN PTR golinuxhub-server.example.
7 IN PTR golinuxhub-client.example.

Before we start our named-chroot service, we will validate the zone file configuration

[root@golinuxhub-client named]# named-checkzone golinuxhub-client.example example.zone
zone golinuxhub-client.example/IN: loaded serial 1
OK

[root@golinuxhub-client named]# named-checkzone golinuxhub-client.example example.rzone
zone golinuxhub-client.example/IN: loaded serial 1997022700
OK

All looks ok there, check the configuration file using below command

[root@golinuxhub-client named]# named-checkconf -t /var/named/chroot/ /etc/named.conf

So our command executed successfully

[root@golinuxhub-client named]# echo $?
0

IMPORTANT NOTE: For my setup SELinux is in permissive mode

# getenforce
Permissive

Everything looks fine so time to start our named-chroot service

[root@golinuxhub-client named]# systemctl restart named-chroot

[root@golinuxhub-client named]# systemctl status named-chroot
● named-chroot.service - Berkeley Internet Name Domain (DNS)
Loaded: loaded (/usr/lib/systemd/system/named-chroot.service; disabled; vendor preset: disabled)
Active: active (running) since Mon 2018-02-12 21:53:23 IST; 19s ago
Process: 5236 ExecStop=/bin/sh -c /usr/sbin/rndc stop > /dev/null 2>&1 || /bin/kill -TERM $MAINPID (code=exited, status=0/SUCCESS)
Process: 5327 ExecStart=/usr/sbin/named -u named -c ${NAMEDCONF} -t /var/named/chroot $OPTIONS (code=exited, status=0/SUCCESS)
Process: 5325 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -t /var/named/chroot -z "$NAMEDCONF"; else echo "Checking of zone files is disabled"; fi (code=exited, status=0/SUCCESS)
Main PID: 5330 (named)
CGroup: /system.slice/named-chroot.service
└─5330 /usr/sbin/named -u named -c /etc/named.conf -t /var/named/chroot

Feb 12 21:53:23 golinuxhub-client.example named[5330]: managed-keys-zone/my_resolver: loaded serial 0
Feb 12 21:53:23 golinuxhub-client.example named[5330]: zone 0.in-addr.arpa/IN/my_resolver: loaded serial 0
Feb 12 21:53:23 golinuxhub-client.example named[5330]: zone 1.0.0.127.in-addr.arpa/IN/my_resolver: loaded serial 0
Feb 12 21:53:23 golinuxhub-client.example named[5330]: zone 1.168.192.in-addr.arpa/IN/my_resolver: loaded serial 1997022700
Feb 12 21:53:23 golinuxhub-client.example named[5330]: zone example/IN/my_resolver: loaded serial 1
Feb 12 21:53:23 golinuxhub-client.example named[5330]: zone localhost/IN/my_resolver: loaded serial 0
Feb 12 21:53:23 golinuxhub-client.example named[5330]: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN/my_resolver: loaded serial 0
Feb 12 21:53:23 golinuxhub-client.example named[5330]: zone localhost.localdomain/IN/my_resolver: loaded serial 0
Feb 12 21:53:23 golinuxhub-client.example named[5330]: all zones loaded
Feb 12 21:53:23 golinuxhub-client.example named[5330]: running

Make sure your resolv.conf contains the IP of your setup so that it can act as a DNS server

# cat /etc/resolv.conf
search example
nameserver 192.168.1.7

Lets validate our DNS server for our reverse zone file using dig

[root@golinuxhub-client named]# dig -x 192.168.1.5

; <<>> DiG 9.9.4-RedHat-9.9.4-50.el7 <<>> -x 192.168.1.5
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40331
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.1.168.192.in-addr.arpa. IN PTR

;; ANSWER SECTION:
5.1.168.192.in-addr.arpa. 86400 IN PTR golinuxhub-server.example.

;; AUTHORITY SECTION:
1.168.192.in-addr.arpa. 86400 IN NS example.

;; ADDITIONAL SECTION:
example. 86400 IN A 192.168.1.7

;; Query time: 1 msec
;; SERVER: 192.168.1.7#53(192.168.1.7)
;; WHEN: Mon Feb 12 22:13:17 IST 2018
;; MSG SIZE rcvd: 122

As you see we do get a positive response with a ANSWER for our QUERY

[root@golinuxhub-client named]# dig -x 192.168.1.7

; <<>> DiG 9.9.4-RedHat-9.9.4-50.el7 <<>> -x 192.168.1.7
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55804
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;7.1.168.192.in-addr.arpa. IN PTR

;; ANSWER SECTION:
7.1.168.192.in-addr.arpa. 86400 IN PTR golinuxhub-client.example.

;; AUTHORITY SECTION:
1.168.192.in-addr.arpa. 86400 IN NS example.

;; ADDITIONAL SECTION:
example. 86400 IN A 192.168.1.7

;; Query time: 1 msec
;; SERVER: 192.168.1.7#53(192.168.1.7)
;; WHEN: Mon Feb 12 22:12:54 IST 2018
;; MSG SIZE rcvd: 122

Similarly we can validate our forward zone file

[root@golinuxhub-client named]# nslookup golinuxhub-client.example
Server: 192.168.1.7
Address: 192.168.1.7#53

Name: golinuxhub-client.example
Address: 192.169.1.7

[root@golinuxhub-client named]# nslookup golinuxhub-server.example
Server: 192.168.1.7
Address: 192.168.1.7#53

Name: golinuxhub-server.example
Address: 192.168.1.5

I hope the article was useful.

↧

How to change or customise login prompt for ksh shell in Linux (with examples)

February 14, 2018, 8:34 pm

≫ Next: Step by Step Guide to create autoyast xml file for SuSE Linux (SLES) with examples

≪ Previous: Step by Step tutorial guide to configure BIND DNS server in chroot environment for Red Hat (RHEL/CentOS) 7

In my last article I had shown the steps to customise login prompt for bash shell

How to customize and change color of the bash login prompt in Linux
10 examples to customize or change the login prompt using PS1 variable of bash shell in Linux

so now in this article I will share some examples which can be used to customise login prompt for 'ksh shell'

By default in Red Hat Linux we only get a "$" prompt for ksh shell

First let us create a user with default shell as 'ksh'

# useradd -s /bin/ksh deepak

As you see we only get a dollar ($) prompt for ksh shell based user

# su - deepak
Last login: Thu Feb 15 09:27:42 IST 2018 on pts/0
$
$

Display only hostname

export PS1='[${HOSTNAME}]$ '

[Ban17-adm01-a-br]$

Display username and hostname

export PS1='[${USER}@${HOSTNAME}]$ '

[deepak@Ban17-adm01-a-br]$

Display hostname with current working directory

export PS1='[${HOSTNAME}:${PWD}]$ '

[Ban17-adm01-a-br:/home/deepak]$

Display user, hostname and current working directory

export PS1='[${USER}@${HOSTNAME}:${PWD}]$ '

[deepak@Ban17-adm01-a-br:/home/deepak]$

To make the changes permanent, place your PS1 variable to .kshrc in the user home folder

# .kshrc

# Source global definitions
if [ -f /etc/kshrc ]; then
. /etc/kshrc
fi

# use emacs editing mode by default
set -o emacs

# User specific aliases and functions

export PS1='${USER}\@${HOSTNAME}:${PWD}\> '

I hope the article was useful.

↧

Step by Step Guide to create autoyast xml file for SuSE Linux (SLES) with examples

February 18, 2018, 3:02 am

≫ Next: How to configure NTP client to sync with NTP server during system startup (boot) in (RHEL 7 / CentOS 7) Linux

≪ Previous: How to change or customise login prompt for ksh shell in Linux (with examples)

In this article I will show you some examples of autoyast xml files and syntax which can be used based on your requirement.

AutoYast2 xml in SLES is similar to kickstart used with Red Hat only in terms of concept which means both of them are used for automating the installation but the syntax and variables used are completely different.

AutoYaST2 is a system for installing one or more SUSE Linux systems automatically and without user intervention. AutoYaST2 installations are performed using an AutoYaST profile with installation and configuration data. That profile can be created using the configuration interface of AutoYaST2 and can be provided to YaST2 during installation in different ways.

Configure General options (timezone, keyboard and mouse)

General options include all the settings related to the installation process and the environment of the installed system.

The mode section configures the behavior of AutoYaST with regard to confirmation and rebooting.

By default, the user must confirm the auto-installation process. This option allows the user to view and change the settings for a target system before they are committed and can be used for debugging.
confirm is set to "true" by default to avoid recursive installs when the system schedules a reboot after initial system setup. Only disable confirmation if you want to carry out a fully unattended installation.
With halt you cause AutoYaST to shut down the machine after all packages have been installed. Instead of a reboot into stage two, the machine is turned off. The boot loader is already installed and all your chroot scripts have run.
final_halt and final_reboot have been introduced with openSUSE 11.0 and SLES11. You can reboot or halt the machine after installation and configuration are finished at the end of stage 2.

Replace the highlighted values tin yellow o configure your keyboard and language value

<general>
<clock>
<hwclock>UTC</hwclock>
<timezone>Asia/Calcutta</timezone>
</clock>
<keyboard>
<keymap>english-us</keymap>
</keyboard>
<language>en_US</language>
<mode>
<halt config:type="boolean">false</halt>
<forceboot config:type="boolean">false</forceboot>
<final_reboot config:type="boolean">false</final_reboot>
<final_halt config:type="boolean">false</final_halt>
<confirm config:type="boolean">true</confirm>
<second_stage config:type="boolean">true</second_stage>
</mode>
<mouse>
<id>probe</id>
</mouse>
<report>
<messages>
<show config:type="boolean">true</show>
<timeout config:type="integer">10</timeout>
<log config:type="boolean">true</log>
</messages>
<errors>
<show config:type="boolean">true</show>
<timeout config:type="integer">10</timeout>
<log config:type="boolean">true</log>
</errors>
<warnings>
<show config:type="boolean">true</show>
<timeout config:type="integer">10</timeout>
<log config:type="boolean">true</log>
</warnings>
</report>
</general>

Configure bootloader

Below section in the autoyast xml is mandatory, although the highlighted values can be modified accordingly

<bootloader>
<activate config:type="boolean">false</activate>
<loader_type>grub</loader_type>
<repl_mbr config:type="boolean">false</repl_mbr>
<global>
<boot_mbr config:type="boolean">true</boot_mbr>
</global>
</bootloader>

Configure Networking, DNS, Routing

YaST will keep network settings created during installation (via Linuxrc) and/or merge it with network settings from the AutoYaST profile (if defined).
AutoYaST settings have higher priority than already present configuration files.
YaST will write ifcfg-* files from profile without removing old ones.
If there is an empty or no dns and routing section, YaST will keep already present values. Otherwise settings from the profile will be applied.

To configure network settings and activate networking automatically, one global resource is used to store the whole network configuration.

In the below syntax I am creating a single interface with a DNS server and hostname

<networking>
<dns>
<dhcp_resolv config:type="boolean">true</dhcp_resolv>
<domain></domain>
<hostname>golinuxhub</hostname>
<nameserver>127.0.0.1</nameserver>
</dns>
<routing>
<ip_forward config:type="boolean">false</ip_forward>
<routes config:type="list">
<route>
<destination>default</destination>
<device>-</device>
<gateway>192.168.1.32</gateway>
<netmask>-</netmask>
</route>
</routes>
</routing>
<interfaces config:type="list">
<interface>
<device>eth0</device>
<startmode>onboot</startmode>
<bootproto>static</bootproto>
<ipaddr>192.168.1.10</ipaddr>
<netmask>255.255.255.224</netmask>
</interface>
</interfaces>
</networking>

Configure NTP

Using the below syntax you can configure your NTP client with the list of NTP servers

<ntp-client>
<configure_dhcp config:type="boolean">false</configure_dhcp>
<peers config:type="list">
<peer>
<address>10.10.10.102</address>
<initial_sync config:type="boolean">true</initial_sync>
<options></options>
<type>server</type>
</peer>
<peer>
<address>10.10.10.104</address>
<initial_sync config:type="boolean">true</initial_sync>
<options></options>
<type>server</type>
</peer>
</peers>
<start_at_boot config:type="boolean">true</start_at_boot>
<start_in_chroot config:type="boolean">true</start_in_chroot>
</ntp-client>

Create a User

To create a user use syntax as explained below with the encrypted password and it's login shell

<users config:type="list">
<user>
<encrypted config:type="boolean">true</encrypted>
<home>/root</home>
<shell>/bin/bash</shell>
<user_password>/.b.X4RxPGnig</user_password>
<username>root</username>
</user>
</users>

Configure partitioning

To understand more on every syntax used here you can follow the Guide from SuSE.

In the below example I am creating LVM based configiration with root, boot, swap and some other data partitions

<partitioning config:type="list">
<drive>
<initialize config:type="boolean">true</initialize>
<partitions config:type="list">

<partition>
<format config:type="boolean">false</format>
<partition_id config:type="integer">131</partition_id>
<filesystem config:type="symbol">ext3</filesystem>
<format config:type="boolean">true</format>
<mount>/boot</mount>
<size>128M</size>
</partition>


<partition>
<format config:type="boolean">false</format>
<lvm_group>system</lvm_group>
<partition_id config:type="integer">142</partition_id>
<size>max</size>
</partition>


</partitions>
<use>all</use>
</drive>
<drive>
<device>/dev/system</device>
<initialize config:type="boolean">false</initialize>
<is_lvm_vg config:type="boolean">true</is_lvm_vg>
<lvm2 config:type="boolean">true</lvm2>
<partitions config:type="list">

<partition>
<filesystem config:type="symbol">ext3</filesystem>
<format config:type="boolean">true</format>
<lv_name>root</lv_name>
<mount>/</mount>
<partition_id config:type="integer">142</partition_id>
<size>800m</size>
</partition>


<partition>
<filesystem config:type="symbol">ext3</filesystem>
<format config:type="boolean">true</format>
<lv_name>tmp</lv_name>
<mount>/tmp</mount>
<partition_id config:type="integer">142</partition_id>
<size>2048m</size>
</partition>


<partition>
<filesystem config:type="symbol">ext3</filesystem>
<format config:type="boolean">true</format>
<lv_name>var</lv_name>
<mount>/var</mount>
<partition_id config:type="integer">142</partition_id>
<size>4096m</size>
</partition>


<partition>
<filesystem config:type="symbol">ext3</filesystem>
<format config:type="boolean">true</format>
<lv_name>opt</lv_name>
<mount>/opt</mount>
<partition_id config:type="integer">142</partition_id>
<size>2048m</size>
</partition>


<partition>
<filesystem config:type="symbol">swap</filesystem>
<format config:type="boolean">true</format>
<lv_name>swap</lv_name>
<mount>swap</mount>
<partition_id config:type="integer">142</partition_id>
</partition>

</partitions>
<pesize>32M</pesize>
<use>all</use>
</drive>

</partitioning>

Configure Software

You can provide a custom list of rpms which you want to be installed or removed during the installation

<software>
<kernel>kernel-default</kernel>
<patterns config:type="list">
<pattern>Minimal</pattern>
</patterns>

<packages config:type="list">
<package>update-alternatives</package>
<package>vim-base</package>
<package>vim-data</package>
<package>vim</package>
<package>audit</package>
<package>libltdl7</package>
<package>openssh</package>
<package>man</package>
<package>man-pages</package>
<package>openssl1</package>
<package>libopenssl1_0_0</package>
<package>quota</package>
</packages>

<remove-packages config:type="list">
<package>mpt-firmware</package>
</remove-packages>
</software>

Custom User scripts

By adding scripts to the auto-installation process you can customize the installation according to your needs and take control in different stages of the installation.

In the auto-installation process, five types of scripts can be executed and they will be described here in order of "appearance" during the installation.

All scripts have to be in the <scritps> section.

pre-scripts (very early, before anything else really happens)
postpartitioning-scripts (after partitioning and mounting to /mnt but before RPM installation—since openSUSE 11.2 and SLES11 SP3)
chroot-scripts (after the package installation, before the first boot)
post-scripts (during the first boot of the installed system, no services running)
init-scripts (during the first boot of the installed system, all services up and running)

Some examples

1. pre script

<pre-scripts config:type="list">
<script>
<filename>my-test.sh</filename>
<interpreter>shell</interpreter>
<source><![CDATA[#!/bin/sh
echo "This is a dummy pre script"
]]>
</source>
</script>
<aiPreScript/>
</pre-scripts>

2. post scripts

<post-scripts config:type="list">
<script>
<filename>enable_reboot_on_panic.sh</filename>
<source> <![CDATA[#!bin/sh
echo "This is a dummy post script"
]]>
</source>
</script>
</post-scripts>

3. chroot scripts

<chroot-scripts config:type="list">
<script>
<chrooted config:type="boolean">true</chrooted>
<interpreter>shell</interpreter>
<filename>disable-ipv6.sh</filename>
<source>
<![CDATA[
sysctl -w net.ipv6.conf.all.disable_ipv6=1;
echo "net.ipv6.conf.all.disable_ipv6=1">> /etc/sysctl.conf;
]]>
</source>
</script>
</chroot-scripts>

There are many more sections which can be used in an autoyast xml file which goes out of this article's scope. For more information you can always follow the SuSE Documentation

I hope the article was useful.

↧

How to configure NTP client to sync with NTP server during system startup (boot) in (RHEL 7 / CentOS 7) Linux

February 20, 2018, 4:04 am

≫ Next: How to configure Shared Uplink Set Network in HP Flex Virtual Connect using CLI commands with example (cheatsheet)

≪ Previous: Step by Step Guide to create autoyast xml file for SuSE Linux (SLES) with examples

While working on NTP server on my setup I realised that in Red Hat Enterprise Linux when we a service restart for NTPD or chronyd, the local time does not syncs with the NTP server immediately and it takes some time before syncing the local clock

So we have to manually sync the clock with NTP server using ntpdate

But what if a machine went for a reboot with incorrect date and time?

I also wanted to validate this scenario and it turns out NTPD in Red Hat 7 is very poor in handling this compared to SuSE Enterprise Linux 11.

To validate this

I changed the date of my setup

server2:~ # date --set "01 Jan 2018"
Mon Jan 1 00:00:00 IST 2018

Logged a message to understand the time of reboot

server2:~ # logger rebooting

My NTP server is configured properly and is enabled

server2:~ # systemctl is-enabled ntpd
enabled

Next reboot the blade to see if it takes the new date and time

server2:~ # reboot
PolicyKit daemon disconnected from the bus.
We are no longer a registered authentication agent.

From the syslog we see during the shutdown stage the logs were stored with wrong time

Jan 1 00:00:05 server2 deepak: rebooting
Jan 1 00:00:21 server2 systemd: Stopped Dump dmesg to /var/log/dmesg.
Jan 1 00:00:21 server2 systemd: Stopping Dump dmesg to /var/log/dmesg...

Fortunately our hwclock had the correct date and time hence once the system started up it had proper time

Jan 1 00:00:21 server2 systemd: Stopping custom security scripts at start-up...
Jan 1 00:00:21 server2 systemd: Stopping OpenSSH server daemon...
Jan 1 00:00:21 server2 systemd: Stopping (null)...
Feb 20 15:34:50 server2 kernel: microcode: microcode updated early to revision 0x3a, date = 2017-01-30
Feb 20 15:34:50 server2 kernel: Initializing cgroup subsys cpuset
Feb 20 15:34:50 server2 kernel: Initializing cgroup subsys cpu
Feb 20 15:34:50 server2 kernel: Initializing cgroup subsys cpuacct

So let us change the date and time of our hwclock

server2:~ # hwclock --set --date "01 jan 2018"

server2:~ # hwclock ;date
Mon 01 Jan 2018 12:00:14 AM IST -0.547321 seconds
Tue Feb 20 15:41:16 IST 2018

server2:~ # logger rebooting again

server2:~ # reboot

From our syslog as we see the node went for shutdown with proper time since our date had correct time (only hwclock was changed)

Feb 20 15:41:07 server2 deepak: rebooting again
Feb 20 15:41:17 server2 systemd: Stopping custom firewall configuration using iptables...
Feb 20 15:41:17 server2 systemd: Unmounting RPC Pipe File System...
Feb 20 15:41:17 server2 systemd: Stopping system-systemd\x2dfsck.slice.
Feb 20 15:41:17 server2 systemd: Stopped Stop Read-Ahead Data Collection 10s After Complete

Next once again as we see the system attempts to startup, hwclock time is used for logging purpose which for our case was incorrectly set before reboot

Feb 20 15:41:17 server2 systemd: Stopping Pro-active monitoring utility for unix systems...
Feb 20 15:41:17 server2 systemd: Stopping LSB: LinuxICCM Scanner...
Feb 20 15:41:17 server2 systemd: Stopping Self Monitoring and Reporting Technology (SMART) Daemon...
Jan 1 00:02:57 server2 journal: Runtime journal is using 8.0M (max allowed 4.0G, trying to leave 4.0G free of 62.8G available â current limit 4.0G).
Jan 1 00:02:57 server2 kernel: microcode: microcode updated early to revision 0x3a, date = 2017-01-30
Jan 1 00:02:57 server2 kernel: Initializing cgroup subsys cpuset
Jan 1 00:02:57 server2 kernel: Initializing cgroup subsys cpu
Jan 1 00:02:57 server2 kernel: Initializing cgroup subsys cpuacct

But NTPD never syncs the local clock date and time with NTP server until our node is completely UP

Once the node is up after few minutes I observed the local time syncing with NTP

Jan 1 00:04:04 server2 rsyslogd: action 'action 0' resumed (module 'builtin:ompipe') [v8.24.0 try http://www.rsyslog.com/e/2359 ]
Jan 1 00:04:04 server2 rsyslogd: action 'action 0' resumed (module 'builtin:ompipe') [v8.24.0 try http://www.rsyslog.com/e/2359 ]
Jan 1 00:04:04 server2 systemd: Started Stop Read-Ahead Data Collection.
Feb 20 15:47:32 server2 systemd: Time has been changed
Feb 20 15:47:32 server2 rsyslogd: imjournal: journal reloaded... [v8.24.0 try http://www.rsyslog.com/e/0 ]
Feb 20 15:48:19 server2 su: (to root) deepak on pts/0

So you see NTPD is really very slow at this and not very good.
But actually we have few options with NTPD which can be used to tweak this behaviour

We can use ntpdate to forcefully sync the localclock using NTP server before NTPD starts

In Red Hat 7 we have below unit file for ntpdate.service

# systemctl cat ntpdate
# /usr/lib/systemd/system/ntpdate.service
[Unit]
Description=Set time via NTP
After=syslog.target network.target nss-lookup.target
Before=time-sync.target
Wants=time-sync.target

[Service]
Type=oneshot
ExecStart=/usr/libexec/ntpdate-wrapper
RemainAfterExit=yes

[Install]
WantedBy=multi-user.target

By default this service is disabled, so enable this service

# systemctl enable ntpdate.service
Created symlink from /etc/systemd/system/multi-user.target.wants/ntpdate.service to /usr/lib/systemd/system/ntpdate.service.

Next modify the NTP server which ntpdate would sync in /etc/ntp/step-tickers

server2:~ # cat /etc/ntp/step-tickers
# List of NTP servers used by the ntpdate service.

192.168.1.100

Next lets again change the hwclock date and time

server2:~ # hwclock --set --date "01 jan 2018"

Add a logger message to monitor the logs

server2:~ # logger "rebooting to test ntpdate"

Lastly reboot the blade

server2:~ # reboot

Now lets monitor our syslog once my node is UP
Here the node went for reboot

Feb 20 15:54:03 server2 deepak: rebooting to test ntpdate
Feb 20 15:54:06 server2 systemd: Stopping custom firewall configuration using iptables...

Here my system started to boot

Feb 20 15:54:06 server2 systemd: Stopping Serial Getty on ttyS0...
Feb 20 15:54:06 server2 systemd: Stopping Getty on tty1...
Jan 1 00:02:56 server2 journal: Runtime journal is using 8.0M (max allowed 4.0G, trying to leave 4.0G free of 62.8G available â current limit 4.0G).
Jan 1 00:02:56 server2 kernel: microcode: microcode updated early to revision 0x3a, date = 2017-01-30
Jan 1 00:02:56 server2 kernel: Initializing cgroup subsys cpuset
Jan 1 00:02:56 server2 kernel: Initializing cgroup subsys cpu
Jan 1 00:02:56 server2 kernel: Initializing cgroup subsys cpuacct

Now since we enabled our ntpdate service I observed that during the system startup ntpdate does a force sync with NTP server

Jan 1 00:03:16 server2 hp-ams[2476]: amsHelper Started . .
Jan 1 00:03:16 server2 systemd: Started HP Agentless Management Service daemon.
Jan 1 00:03:16 server2 cntdb.security: - Setup B&R chain ...
Feb 20 15:57:11 server2 systemd: Time has been changed
Feb 20 15:57:11 server2 ntpdate[2612]: step time server 192.168.1.100 offset 4377234.731233 sec
Feb 20 15:57:11 server2 systemd: Started Set time via NTP.

But again I do not like such dependency and my expectation is that the very first message which gets logged from hwclock must be proper so we have to make sure that before system goes down the hwclock is in sync with local clock

IMPORTANT NOTE: With Red Hat Enterprise 7 when the system clock is synchronized by the Network Time Protocol (NTP) or Precision Time Protocol (PTP), the kernel automatically synchronizes the hardware clock to the system clock every 11 minutes.

But still considering worst case scenario the hwclock was not set properly with system clock and system went for a reboot with wrong hwclock time?

My solution for this was to create a systemd unit file which will be called before shutdown and during startup to make sure

First local time syncs with NTP server
then hwclock is synced with local clock

So with this during reboot our node will always come up with proper time

server1:~ # systemctl cat set_my_clock.service
# /usr/lib/systemd/system/set_my_clock.service
[Unit]
Description=Syncing system and hardware clock

[Service]
Type=oneshot
ExecStart=/etc/init.d/set_my_clock start
ExecStop=/etc/init.d/set_my_clock stop
RemainAfterExit=true

[Install]
WantedBy=basic.target

NOTE: You can also create this file under "/etc/systemd/system" as that is the recommended location from Red Hat

Next create the main script which will do the work
NOTE: I have enabled debugging to monitor the execution during reboot, you can remove the set -x

# cat /etc/init.d/set_my_clock
#!/bin/bash
set -x
case "$1" in

start|stop)
echo "Set Sys time according to Hardware Clock";
# This will force sync the local system clock with NTP server
/sbin/ntpdate -u 192.168.1.00 192.168.1.101;

# This will sync our hwclock with the system clock time
/sbin/hwclock --systohc;
;;

*)
echo "Usage: $0 {start|stop}"
exit 1
;;
esac

echo "done !"
exit 0

Enable this script

# systemctl enable set_my_clock.service

It is time to validate our fix
Let's change the hwclock date and time

server1 # hwclock --set --date "05 Feb 2018"

server1 # date --set "01 Jan 2018"
Mon Jan 1 00:00:00 IST 2018

Lets have a logger message to monitor the logs

server1:~ # logger rebooting

Reboot the node

server1:~ # reboot

Here the shutdown started

Jan 1 00:00:13 server1 deepak: rebooting
Jan 1 00:00:15 server1 systemd: Stopping Availability of block devices...
Jan 1 00:00:15 server1 systemd: Stopped Stop Read-Ahead Data Collection 10s After Completed Startup.

Our script was executed properly during system shutdown but then as you see it is unable to change the current time of the syslog

Jan 1 00:00:15 server1 set_my_clock: + case "$1" in
Jan 1 00:00:15 server1 set_my_clock: + echo 'Set Sys time according to Hardware Clock'
Jan 1 00:00:15 server1 set_my_clock: Set Sys time according to Hardware Clock
Jan 1 00:00:15 server1 set_my_clock: + /sbin/ntpdate -u 192.168.1.100 192.168.1.101

although the system is coming up with proper time so we know our hwclock was synced properly with system clock above

Feb 20 16:41:54 server1 kernel: Initializing cgroup subsys cpuset
Feb 20 16:41:54 server1 kernel: Initializing cgroup subsys cpu
Feb 20 16:41:54 server1 kernel: Initializing cgroup subsys cpuacct

Again during startup

Feb 20 16:42:02 server1 systemd: Starting Syncing system and hardware clock...
Feb 20 16:42:02 server1 set_my_clock: + case "$1" in
Feb 20 16:42:02 server1 set_my_clock: + echo 'Set Sys time according to Hardware Clock'
Feb 20 16:42:02 server1 set_my_clock: Set Sys time according to Hardware Clock
Feb 20 16:42:02 server1 set_my_clock: + /sbin/ntpdate -u 192.168.1.100 192.168.1.101
Feb 20 16:42:02 server1 set_my_clock: 20 Feb 16:42:02 ntpdate[1118]: no servers can be used, exiting
Feb 20 16:42:02 server1 set_my_clock: + /sbin/hwclock --systohc

So with this now our system will come up with proper date and time and we need not be dependent on NTP service daemon for system startup.

I hope the article was useful.

↧

How to configure Shared Uplink Set Network in HP Flex Virtual Connect using CLI commands with example (cheatsheet)

February 22, 2018, 12:02 am

≫ Next: HP iLO4 command line interface (CLI) guide and cheatsheet with examples

≪ Previous: How to configure NTP client to sync with NTP server during system startup (boot) in (RHEL 7 / CentOS 7) Linux

This article gives you CLI based commands and examples to configure your HPE Flex Virtual Connect from scratch

Once you have your Virtual Connect the first thing you have to do is connect all the required Uplink ports with the switch before starting with the configuration.
For this example I will configure a Shared Uplink Set with 3 Uplink port connected from each VC Flex module to the switch.

Below diagram gives an overview of my setup

What we will configure?

Our blade will have 6 interface (ideally there are 8 interface but we intend to use only 6 of them)
There will be three bonds (bond0/bond1/bond2) configured for active backup mode
bond0 will have allowed network bandwidth of 1 GB
bond1 and bond2 will have allowed network bandwidth of 3 GB
3 Shared Uplink set with bond0 interface port connected to X3, bond1 interface port connected to X1, bond2 interface port connected to X5
Smart Link for the Ethernet connection will be enabled
Customised MAC address assigned to bond0 i.e. eth0 and eth1 (first two interface of the blade)
Default MAC Address assigned to all the other interface in the server profile

Let us start configuring our Virtual Connect

Import Enclosure

First of all import the blade information from the enclosure Onboard Administrator

->import enclosure UserName=Administrator Password=My#Password
Importing enclosure, please wait...
SUCCESS: Enclosure imported

*******************************************************************************
IMPORT ENCLOSURE SUMMARY
*******************************************************************************
Enclosure Name : BlrSiteA-01-01
Rack Name : BlrSiteA-01
IP Address : 10.10.10.100
IPv6 Address : fe80::9618:82ff:fe12:254b/64
Status : OK
Status Cause : Enclosure enc0 is normal

It will give you a long list of blade information with other details on the console

Use the below command to show the enclosure details

->show enclosure
===========================================================================
ID Name Import Status Serial Number Part Asset Tag
Number
===========================================================================
enc0 BlrSiteA-01-01 Imported BVD819XY2X 681844-B21

Some basic configuration before I start with network

->set mac-cache Enabled=true
SUCCESS: MAC cache failover settings modified

->set mac-cache Refresh=5
SUCCESS: MAC cache failover settings modified

->set igmp Enabled=false
SUCCESS: IGMP settings modified

->set igmp Timeout=260
SUCCESS: IGMP settings modified

->set enet-vlan SharedServerVLanId=false
SUCCESS: Ethernet settings modified

Creating a user

->add user HPadmin Password=Blr#46713 Enabled=true Privileges=domain,network,storage,server
SUCCESS: User added : HPadmin

->show user
==============================================================================
User Name Roles Role Operations Full Name Contact Info Enabled
==============================================================================
Administrator domain FirmwareUpdate -- -- -- -- true
server PortMonitoring
network RestoreConfig
storage SaveConfig
SupportFiles
------------------------------------------------------------------------------
HPadmin domain FirmwareUpdate -- -- -- -- true
server PortMonitoring
network RestoreConfig
storage SaveConfig
SupportFiles
------------------------------------------------------------------------------

SNMP configuration

Disable SNMPV1,V2 as we intend to use SNMPV3.
NOTE: Here this article is all about network configuration hence I am not elaborating the SNMP configuration section

->set snmp enet EnableV1V2=false
SUCCESS: SNMP configuration settings modified

->set snmp fc EnableV1V2=false
SUCCESS: SNMP configuration settings modified

->set loop-protect Enabled=true
SUCCESS: Ethernet Loop Protect settings modified

Configure Networking

Create Shared Uplink Set
Here we will create three set of shared uplink set for both the VC Flex Net Module

->add uplinkset Test1-NetA-X1 ConnectionMode=Failover
SUCCESS: Shared uplink port set added : Test1-NetA-X1

->add uplinkset Test1-NetB-X1 ConnectionMode=Failover
SUCCESS: Shared uplink port set added : Test1-NetB-X1

Add uplink port to this uplink set for both VC Flex module

->add uplinkport enc0:1:X1 UplinkSet=Test1-NetA-X1 Speed=Auto Role=Primary
SUCCESS: Port added : enc0:1:X1

->add uplinkport enc0:2:X1 UplinkSet=Test1-NetB-X1 Speed=Auto Role=Primary
SUCCESS: Port added : enc0:2:X1

Add Ethernet Network to this uplink (Test1-NetA-X1) for VC Flex module 1 (NetA)

->add network Test1-BOND1-NetA-527 UplinkSet=Test1-NetA-X1 VLanID=527 Labels=BOND1
SUCCESS: Network added : Test1-BOND1-NetA-527

->set network Test1-BOND1-NetA-527 SmartLink=Enabled
SUCCESS: Network modified : Test1-BOND1-NetA-527

->set network Test1-BOND1-NetA-527 PrefSpeedType=Custom PrefSpeed=3000 MaxSpeedType=Custom MaxSpeed=3000
SUCCESS: Network modified : Test1-BOND1-NetA-527

->set network Test1-BOND1-NetA-527 Color=green
SUCCESS: Network modified : Test1-BOND1-NetA-527

Add Ethernet Network to this uplink (Test1-NetB-X1) for VC Flex module 2 (NetB)

->add network Test1-BOND1-NetB-527 UplinkSet=Test1-NetB-X1 VLanID=527 Labels=BOND1
SUCCESS: Network added : Test1-BOND1-NetB-527

->set network Test1-BOND1-NetB-527 SmartLink=Enabled
SUCCESS: Network modified : Test1-BOND1-NetB-527

->set network Test1-BOND1-NetB-527 PrefSpeedType=Custom PrefSpeed=3000 MaxSpeedType=Custom MaxSpeed=3000
SUCCESS: Network modified : Test1-BOND1-NetB-527

->set network Test1-BOND1-NetB-527 Color=green
SUCCESS: Network modified : Test1-BOND1-NetB-527

Similarly we will create 2 more Uplink Set since we have total 6 interface to be configured for bond0/bond1/bond2

->add uplinkset Test1-NetB-X5 ConnectionMode=Failover
SUCCESS: Shared uplink port set added : Test1-NetB-X5

->add uplinkset Test1-NetA-X5 ConnectionMode=Failover
SUCCESS: Shared uplink port set added : Test1-NetA-X5

->add uplinkport enc0:1:X5 UplinkSet=Test1-NetA-X5 Speed=Auto Role=Primary
SUCCESS: Port added : enc0:1:X5

->add uplinkport enc0:2:X5 UplinkSet=Test1-NetB-X5 Speed=Auto Role=Primary
SUCCESS: Port added : enc0:2:X5

Add Ethernet Network to this uplink (Test1-NetA-X5) for VC Flex module 1 (NetA)

->add network Test1_BOND2-NetA-627 UplinkSet=Test1-NetA-X5 VLanID=627 Labels=BOND2
SUCCESS: Network added : Test1_BOND2-NetA-627

->set network Test1_BOND2-NetA-627 SmartLink=Enabled
SUCCESS: Network modified : Test1_BOND2-NetA-627

->set network Test1_BOND2-NetA-627 PrefSpeedType=Custom PrefSpeed=3000 MaxSpeedType=Custom MaxSpeed=3000
SUCCESS: Network modified : Test1_BOND2-NetA-627

->set network Test1_BOND2-NetA-627 Color=blue
SUCCESS: Network modified : Test1_BOND2-NetA-627

Add Ethernet Network to this uplink (Test1-NetB-X5) for VC Flex module 2 (NetB)

->add network Test1-BOND2-NetB-627 UplinkSet=Test1-NetB-X5 VLanID=627 Labels=BOND2
SUCCESS: Network added : Test1-BOND2-NetB-627

->set network Test1-BOND2-NetB-627 SmartLink=Enabled
SUCCESS: Network modified : Test1-BOND2-NetB-627

->set network Test1-BOND2-NetB-627 PrefSpeedType=Custom PrefSpeed=3000 MaxSpeedType=Custom MaxSpeed=3000
SUCCESS: Network modified : Test1-BOND2-NetB-627

->set network Test1-BOND2-NetB-627 Color=blue
SUCCESS: Network modified : Test1-BOND2-NetB-627

Lets create our third shared uplink set

->add uplinkset Test1-NetA-X3 ConnectionMode=Failover
SUCCESS: Shared uplink port set added : Test1-NetA-X3

->add uplinkport enc0:1:X3 UplinkSet=Test1-NetA-X3
SUCCESS: Port added : enc0:1:X3

->add uplinkset Test1-NetB-X3 ConnectionMode=Failover
SUCCESS: Shared uplink port set added : Test1-NetB-X3

->add uplinkport enc0:2:X3 UplinkSet=Test1-NetB-X3
SUCCESS: Port added : enc0:2:X3

Add Ethernet Network to this uplink (Test1-NetA-X3) for VC Flex module 2 (NetA)

->add network Test1-BOND0-NetA-427 UplinkSet=Test1-NetA-X3 VLanID=427 Labels=BOND0
SUCCESS: Network added : Test1-BOND0-NetA-427

->set network Test1-BOND0-NetA-427 SmartLink=Enabled
SUCCESS: Network modified : Test1-BOND0-NetA-427

->set network Test1-BOND0-NetA-427 PrefSpeedType=Custom PrefSpeed=1000 MaxSpeedType=Custom MaxSpeed=1000
SUCCESS: Network modified : Test1-BOND0-NetA-427

->set network Test1-BOND0-NetA-427 Color=orange
SUCCESS: Network modified : Test1-BOND0-NetA-427

Add Ethernet Network to this uplink (Test1-NetB-X3) for VC Flex module 2 (NetB)

->add network Test1-BOND0-NetB-427 UplinkSet=Test1-NetB-X3 VLanID=427 Labels=BOND0
SUCCESS: Network added : Test1-BOND0-NetB-427

->set network Test1-BOND0-NetB-427 SmartLink=Enabled
SUCCESS: Network modified : Test1-BOND0-NetB-427

->set network Test1-BOND0-NetB-427 PrefSpeedType=Custom PrefSpeed=1000 MaxSpeedType=Custom MaxSpeed=1000
SUCCESS: Network modified : Test1-BOND0-NetB-427

->set network Test1-BOND0-NetB-427 Color=orange
SUCCESS: Network modified : Test1-BOND0-NetB-427

Create Server profile

->add profile server1 -NoDefaultEnetConn -NoDefaultFcConn -NoDefaultFCoEConn
SUCCESS: Profile added : server1

here we are providing a custom user defined MAC Address for our first two interface i.e. bond0

->add enet-connection server1 AddressType=User-Defined EthernetMAC=00-17-A4-77-00-14 iScsiMAC=00-17-A4-77-00-15
SUCCESS: Connection added to server profile : server1

->add enet-connection server1 AddressType=User-Defined EthernetMAC=00-17-A4-77-00-16 iScsiMAC=00-17-A4-77-00-17
SUCCESS: Connection added to server profile : server1

Next create 4 default enet connections for bond1 and bond2

->add enet-connection server1
SUCCESS: Connection added to server profile : server1

->add enet-connection server1
SUCCESS: Connection added to server profile : server1

->add enet-connection server1
SUCCESS: Connection added to server profile : server1

->add enet-connection server1
SUCCESS: Connection added to server profile : server1

Next assign the Ethernet Network we created above to respective enet-connections here. For our case we are also restricting the bandwidth of each interface. For bond0 we intend to restrict bandwidth to

1 GB and enable PXE for the first interface
->set enet-connection server1 1 Network=Test1-BOND0-NetA-427 SpeedType=Custom Speed=1000 PXE=Enabled
SUCCESS: Connection modified : server1

->set enet-connection server1 2 Network=Test1-BOND0-NetB-427 SpeedType=Custom Speed=1000 PXE=UseBios
SUCCESS: Connection modified : server1

For bond1 and bond2 we will restrict the bandwidth to 3 GB and PXE will be disabled

->set enet-connection server1 3 Network=Test1-BOND1-NetA-527 SpeedType=Custom Speed=3000 PXE=UseBios
SUCCESS: Connection modified : server1

->set enet-connection server1 4 Network=Test1-BOND1-NetB-527 SpeedType=Custom Speed=3000 PXE=UseBios
SUCCESS: Connection modified : server1

->set enet-connection server1 5 Network=Test1_BOND2-NetA-627 SpeedType=Custom Speed=3000 PXE=UseBios
SUCCESS: Connection modified : server1

->set enet-connection server1 6 Network=Test1-BOND2-NetB-627 SpeedType=Custom Speed=3000 PXE=UseBios
SUCCESS: Connection modified : server1

Assign server profile to bay1

Lastly once all the required enet-connections are created we will assign this profile to blade 1

->assign profile server1 enc0:1
SUCCESS: Profile 'server1' assigned to device bay enc0:1

Similarly more profiles must be created for every blade in the enclosure.
Next power on the blade and you can start working on it.

↧

HP iLO4 command line interface (CLI) guide and cheatsheet with examples

February 23, 2018, 1:44 am

≫ Next: How to set date and time in iLO3 / iLO4 using SNTP and RIBCL scripts from Onboard Administrator in HP Proliant Blades

≪ Previous: How to configure Shared Uplink Set Network in HP Flex Virtual Connect using CLI commands with example (cheatsheet)

With below article I will share some of the important commands which can be used to configure and manage HPE based integrated Lights Out Manager (iLO4)

Assuming your iLO is only configured via OA and it doesnot has any other active user account then you will not be able to do a direct ssh to your iLO

Login to your Onboard Administrator using any CLI based ssh client
Once connected execute below command

BlrSiteA1-01-01> CONNECT SERVER 01

Connecting to bay 1 ...
User:OAtmp-HPadmin-5A1FB897 logged-in to 17-inst01-a.BlrSiteA(192.168.1.10 / FE80::7210:6FFF:FEC0:153A)

iLO 4 Advanced for BladeSystem 2.55 at Aug 16 2017
Server Name: enclosure1
Server Power: On

</>hpiLO->

Now since you have successfully connected to your iLO let us start configuring and managing our iLO

Create User

In the below command we are creating HPadmin user with password as Passw0rd

</>hpiLO-> create /map1/accounts1 username=HPadmin password=Passw0rd

status=0
status_tag=COMMAND COMPLETED
Fri Feb 23 10:47:57 2018

User added successfully.

Show the list of users

</>hpiLO-> show /map1/accounts1

status=0
status_tag=COMMAND COMPLETED
Fri Feb 23 11:01:17 2018

/map1/accounts1
Targets
Administrator
HPadmin
emergency
Properties
Verbs
cd version exit show create delete set

Changing password of a user

</>hpiLO-> set /map1/accounts1/emergency password=Passw0rd

status=0
status_tag=COMMAND COMPLETED
Fri Feb 23 11:06:25 2018

Firmware Commands

To view the firmware of the iLO

To check the firmware of your iLO4 use the below command
</>hpiLO-> show /map1/firmware1

status=0
status_tag=COMMAND COMPLETED
Fri Feb 23 11:07:42 2018

/map1/firmware1
Targets
Properties
version=2.55
date=Aug 16 2017
name=iLO 4
Verbs
cd version exit show load

Network Configuration

IMPORTANT NOTE: After modifying network related configuration the iLO will RESET to activate the new changes

To view the assigned network of the blade

</>hpiLO-> show /map1/enetport1/lanendpt1/ipendpt1

status=0
status_tag=COMMAND COMPLETED
Fri Feb 23 13:06:42 2018

/map1/enetport1/lanendpt1/ipendpt1
Targets
Properties
IPv4Address=10.10.10.100
SubnetMask=255.255.255.0
AddressOrigin=Static
Verbs
cd version exit show set

To assign management IP to the blade iLO page

</>hpiLO-> set /map1/enetport1/lanendpt1/ipendpt1 IPv4Address=10.10.10.100 SubnetMask=255.255.255.0

status=0
status_tag=COMMAND COMPLETED
Fri Feb 23 13:10:49 2018

Network settings change applied.

Settings change applied, iLO 4 will now be reset.
Logged Out: It may take several minutes before you can log back in.

CLI session stopped

Change or modify the gateway of the management IP

</>hpiLO-> set /map1/gateway1 AccessInfo=10.10.10.254

status=0
status_tag=COMMAND COMPLETED
Fri Feb 23 13:14:39 2018

Network settings change applied.

Settings change applied, iLO 4 will now be reset.
Logged Out: It may take several minutes before you can log back in.

CLI session stopped

Similarly you can also configure DNS server if you have any
NOTE: You can set upto 3 dnsserver for the blade

To add a dns server use the below command

</>hpiLO-> set /map1/dnsserver1 AccessInfo=1.2.3.4

status=0
status_tag=COMMAND COMPLETED
Fri Feb 23 13:18:03 2018

Network settings change applied.

Settings change applied, iLO 4 will now be reset.
Logged Out: It may take several minutes before you can log back in.

CLI session stopped

Enable or disable DHCP

To view the existing dhcpd status of the iLO

</>hpiLO-> show /map1/dhcpendpt1

status=0
status_tag=COMMAND COMPLETED
Fri Feb 23 13:19:04 2018

/map1/dhcpendpt1
Targets
Properties
EnabledState=no
OtherTypeDescription=DHCP
Verbs
cd version exit show set

To enable ro disable this use below command

</>hpiLO-> set /map1/dhcpendpt1 EnabledState=no

status=0
status_tag=COMMAND COMPLETED
Fri Feb 23 13:19:48 2018

Network settings change applied.

Settings change applied, iLO 4 will now be reset.
Logged Out: It may take several minutes before you can log back in.

CLI session stopped

Configure SNMP

To view the existing SNMP configuration

</>hpiLO-> show /map1/snmp1

status=0
status_tag=COMMAND COMPLETED
Fri Feb 23 13:22:21 2018

/map1/snmp1
Targets
Properties
accessinfo1=0
readcom1=""
trapcom1=""
accessinfo2=0
readcom2=""
trapcom2=""
accessinfo3=0
readcom3=""
trapcom3=""
oemhp_iloalert=yes
oemhp_agentalert=yes
oemhp_snmppassthru=no
oemhp_agentlessenable=yes
oemhp_systemlocation=""
oemhp_systemcontact=""
oemhp_systemrole=""
oemhp_systemroledetail1=""
oemhp_systemroledetail2=""
oemhp_systemroledetail3=""
oemhp_systemroledetail4=""
oemhp_systemroledetail5=""
oemhp_imagenturl=server1
oemhp_imdatalevel=enabled
oemhp_coldstarttrap=yes
oemhp_trapsource=iLO Hostname
Verbs
cd version exit show set

To configure new SNMP value

</>hpiLO-> set /map1/snmp1 accessinfo1=1.2.3.4

status=0
status_tag=COMMAND COMPLETED
Fri Feb 23 13:26:30 2018

SNMP settings modified.

Set the system location

</>hpiLO-> set /map1/snmp1/ oemhp_systemlocation="Bangalore"

status=0
status_tag=COMMAND COMPLETED
Fri Feb 23 13:28:11 2018

SNMP settings modified.

Set system point of contact

</>hpiLO-> set /map1/snmp1/ oemhp_systemcontact="Deepak Prasad"

status=0
status_tag=COMMAND COMPLETED
Fri Feb 23 13:28:44 2018

SNMP settings modified.

Set the role of the engineer

</>hpiLO-> set /map1/snmp1/ oemhp_systemrole="Engineer"

status=0
status_tag=COMMAND COMPLETED
Fri Feb 23 13:29:01 2018

SNMP settings modified.

Finally view the modified changes

</>hpiLO-> show /map1/snmp1/

status=0
status_tag=COMMAND COMPLETED
Fri Feb 23 13:29:06 2018

/map1/snmp1
Targets
Properties
accessinfo1=1.2.3.4
readcom1=""
trapcom1=""
accessinfo2=0
readcom2=""
trapcom2=""
accessinfo3=0
readcom3=""
trapcom3=""
oemhp_iloalert=yes
oemhp_agentalert=yes
oemhp_snmppassthru=no
oemhp_agentlessenable=yes
oemhp_systemlocation="Bangalore"
oemhp_systemcontact="Deepak Prasad"
oemhp_systemrole="Engineer"
oemhp_systemroledetail1=""
oemhp_systemroledetail2=""
oemhp_systemroledetail3=""
oemhp_systemroledetail4=""
oemhp_systemroledetail5=""
oemhp_imagenturl=server1
oemhp_imdatalevel=enabled
oemhp_coldstarttrap=yes
oemhp_trapsource=iLO Hostname
Verbs
cd version exit show set

Assign Name to the blade

IMPORTANT NOTE: The iLO will reset after executing this command hence the connection the iLO will be lost, reconnect to the iLO4 in a couple of minutes

</>hpiLO-> set /map1/enetport1 SystemName=server1

status=0
status_tag=COMMAND COMPLETED
Fri Feb 23 11:08:33 2018

Network settings change applied.

Settings change applied, iLO 4 will now be reset.
Logged Out: It may take several minutes before you can log back in.

CLI session stopped

Connection terminated by server.

Re-connect to the iLO once it is UP again after activating the changes

BlrSiteA1-01-01> CONNECT SERVER 02

Connecting to bay 2 ...
User:OAtmp-HPadmin-5A2FB954 logged-in to server1.BlrSiteA(10.10.10.100 / FE80::7210:6FFF:FEC0:1526)

iLO 4 Advanced for BladeSystem 2.55 at Aug 16 2017
Server Name: server1
Server Power: On

</>hpiLO->

Validate your changes

</>hpiLO-> show /map1/enetport1/ SystemName

status=0
status_tag=COMMAND COMPLETED
Fri Feb 23 13:13:38 2018

/map1/enetport1
Properties
SystemName=server1
Verbs
cd version exit show set

Set and show power related values

Below table can be used to understand the meaning of different power values

Syntax

show /system1/oemhp_power1 <variable>
set /system1/oemhp_power1 <variable=value>

For example to view the power reading value from last 24h

</>hpiLO-> show /system1/oemhp_power1 oemhp_AvgPower

status=0
status_tag=COMMAND COMPLETED
Fri Feb 23 11:18:50 2018

/system1/oemhp_power1
Properties
oemhp_AvgPower=82 Watts
Verbs
cd version exit show set

To modify the power on delay value

</>hpiLO-> set /system1/oemhp_power1 oemhp_auto_pwr=15

status=0
status_tag=COMMAND COMPLETED
Fri Feb 23 11:53:16 2018

View and change boot order

To view all the available boot option

</>hpiLO-> show /system1/bootconfig1

status=0
status_tag=COMMAND COMPLETED
Fri Feb 23 12:05:52 2018

/system1/bootconfig1
Targets
bootsource1
bootsource2
bootsource3
bootsource4
bootsource5
Properties
oemhp_bootmode=Legacy
oemhp_secureboot=Not Available
oemhp_pendingbootmode=Legacy
Verbs
cd version exit show set

You can view the individual bootsource to understand the media mapped to the respective bootsource

The boot source targets and matching boot source values do not change. The values for bootsource are:
• bootsource1: BootFmCd
• bootsource2: BootFmFloppy
• bootsource3: BootFmDrive
• bootsource4: BootFmUSBKey
• bootsource5: BootFmNetwork

To view the boot order of "individual boot source"

</>hpiLO-> show /system1/bootconfig1/bootsource1

status=0
status_tag=COMMAND COMPLETED
Fri Feb 23 12:24:03 2018

/system1/bootconfig1/bootsource1
Targets
Properties
bootorder=2
bootdevice=BootFmCd
Verbs
cd version exit show set

To view the boot order of all the available boot source

</>hpiLO-> show -all /system1/bootconfig1

status=0
status_tag=COMMAND COMPLETED
Fri Feb 23 12:19:59 2018

/system1/bootconfig1
Targets
bootsource1
bootsource2
bootsource3
bootsource4
bootsource5
Properties
oemhp_bootmode=Legacy
oemhp_secureboot=Not Available
oemhp_pendingbootmode=Legacy
Verbs
cd version exit show set

/system1/bootconfig1/bootsource1
Targets
Properties
bootorder=1
bootdevice=BootFmCd
Verbs
cd version exit show set

/system1/bootconfig1/bootsource2
Targets
Properties
bootorder=2
bootdevice=BootFmDisk
Verbs
cd version exit show set

/system1/bootconfig1/bootsource3
Targets
Properties
bootorder=3
bootdevice=BootFmUSBKey
Verbs
cd version exit show set

/system1/bootconfig1/bootsource4
Targets
Properties
bootorder=4
bootdevice=BootFmNetwork1
Verbs
cd version exit show set

/system1/bootconfig1/bootsource5
Targets
Properties
bootorder=5
bootdevice=BootFmNetwork2
Verbs
cd version exit show set

To change the boot order
Here I am changing my first boot device to HDD

</>hpiLO-> set /system1/bootconfig1/bootsource2 bootorder=1

status=0
status_tag=COMMAND COMPLETED
Fri Feb 23 12:22:25 2018

Bootorder being set.

bootsource2=BootFmDisk bootorder=1
bootsource1=BootFmCd bootorder=2
bootsource3=BootFmUSBKey bootorder=3
bootsource4=BootFmNetwork1 bootorder=4
bootsource5=BootFmNetwork2 bootorder=5

LED commands

To show the LED status

</>hpiLO-> show /system1/led1

status=0
status_tag=COMMAND COMPLETED
Fri Feb 23 12:25:56 2018

/system1/led1
Targets
Properties
enabledstate=disabled
Verbs
cd version exit show start stop

To start the LED

</>hpiLO-> start /system1/led1

status=0
status_tag=COMMAND COMPLETED
Fri Feb 23 12:26:51 2018

Virtual Media Commands

To mount a cd or dvd image you must have the location of the iso image
As you see currently there is no image mounted on my iLO

</>hpiLO-> show /map1/oemhp_vm1/cddr1

status=0
status_tag=COMMAND COMPLETED
Fri Feb 23 12:31:25 2018

/map1/oemhp_vm1/cddr1
Targets
Properties
oemhp_image=None
oemhp_connect=No
oemhp_boot=No_Boot
oemhp_wp=No
vm_applet=No
Verbs
cd version exit show set

To mount an iso available on http server
The oemhp image value is a URL. The URL, which is limited to 80 characters, specifies the location of the virtual media image file on an HTTP server and is in the same format as the scriptable virtual media image location.

URL example: protocol://username:password@hostname:port/filename

• protocol—Mandatory field that must be HTTP or HTTPS
• username:password—Optional field
• hostname—Mandatory field
• port—Optional field
• filename—Mandatory field

</>hpiLO-> cd /map1/oemhp_vm1/cddr1

</map1/oemhp_vm1/cddr1>hpiLO-> set oemhp_image=http://10.43.22.100/bp-server-sum-2017-10-v2.iso

status=0
status_tag=COMMAND COMPLETED
Fri Feb 23 12:36:14 2018

</>hpiLO-> set /map1/oemhp_vm1/cddr1 oemhp_boot=connect

status=0
status_tag=COMMAND COMPLETED
Fri Feb 23 12:39:07 2018

To view the changes

</map1/oemhp_vm1/cddr1>hpiLO-> show

status=0
status_tag=COMMAND COMPLETED
Fri Feb 23 12:39:28 2018

/map1/oemhp_vm1/cddr1
Targets
Properties
oemhp_image=http://10.43.22.100/bp-server-sum-2017-10-v2.iso
oemhp_connect=Yes
oemhp_boot=Always
oemhp_wp=Yes
vm_applet=No
Verbs
cd version exit show set

To disconnect the dvd/cd image

</>hpiLO-> set /map1/oemhp_vm1/cddr1 oemhp_boot=disconnect

status=0
status_tag=COMMAND COMPLETED
Fri Feb 23 12:39:58 2018

To set one time boot menu for the inserted DVD

</>hpiLO-> set /map1/oemhp_vm1/cddr1 oemhp_boot=once

status=0
status_tag=COMMAND COMPLETED
Fri Feb 23 12:54:33 2018

Blade commands

To view the blade details and blade slot in the rack
Here we know now that the connected blade is on bay 2 and the enclosure IP Address is 192.168.1.10

</>hpiLO-> show /map1/blade1

status=0
status_tag=COMMAND COMPLETED
Fri Feb 23 13:33:51 2018

/map1/blade1
Targets
rack
Properties
bay_number=2
auto_power=on
ip_address=192.168.1.10
mac_address=94:18:82:72:25:4b
sys_health=OK
Verbs
cd version exit show set

CPU Commands

To view the CPU information of the blade

</>hpiLO-> show /system1/cpu1

status=0
status_tag=COMMAND COMPLETED
Fri Feb 23 13:36:21 2018

/system1/cpu1
Targets
Properties
name=Intel(R) Xeon(R) CPU E5-2640 v3 @ 2.60GHz
status=OK
number_cores=8
active_cores=8
threads=16
speed=2600MHz
memory_technology=64-bit Capable
cachememory1=512KB
cachememory2=2048KB
cachememory3=20480KB
Verbs
cd version exit show

</>hpiLO-> show /system1/cpu2

status=0
status_tag=COMMAND COMPLETED
Fri Feb 23 13:36:24 2018

/system1/cpu2
Targets
Properties
name=Intel(R) Xeon(R) CPU E5-2640 v3 @ 2.60GHz
status=OK
number_cores=8
active_cores=8
threads=16
speed=2600MHz
memory_technology=64-bit Capable
cachememory1=512KB
cachememory2=2048KB
cachememory3=20480KB
Verbs
cd version exit show

References:
iLO4 Scripting and Command Line Guide

I hope the article was useful

↧

How to set date and time in iLO3 / iLO4 using SNTP and RIBCL scripts from Onboard Administrator in HP Proliant Blades

February 22, 2018, 3:01 am

≫ Next: How to make bootable Pendrive (USB) to install Windows, Linux, VMware from an ISO

≪ Previous: HP iLO4 command line interface (CLI) guide and cheatsheet with examples

By default iLO is configured to use Date and Time information as set in the BIOS but that is not very reliable.

I would have expected an iLO to connect with Onboard Administrator and get the time synced and we would only make sure our OA is synced with NTP server but here HPE asks us to configure SNTP (Simple Network Time Protocol) on all the iLOs for them to reflect correct date and time.

If it is one blade then there is not much effort but assuming we have 100s of blades obviously you would not login to each iLO and update the SNTP server details.
This can be performed on a large scale using Onboard Administrator.

NOTE: The default polling interval for SNTP is 30 minutes and an iLO reset is needed to activate the SNTP related changes

IMPORTANT NOTE:
Executing RIBCL scripts is not supported on older firmware versions of Onboard Administrator and iLO4. Below steps are executed and tested from OA 4.40 and higher and iLO4 2.40 and higher

There is no SNTP support for iLO-2, the iLO date and time can be synchronised through the following:

System ROM (during POST)
Insight Management Agents (in the OS)

I have not validated the steps on iLO3 but as per HPE this should also work on iLO3 so attempt in your lab setup before trying this on production environment.

Below RIBCL script can be used to update the SNTP values for the iLO, here replace the fields highlighted with yellow with the values as per your environment.

hponcfg 11<< eof
<RIBCL VERSION="2.0">
<LOGIN USER_LOGIN="HPadmin" PASSWORD="Passw0rd">
<RIB_INFO MODE="write">
<MOD_NETWORK_SETTINGS>
<DHCP_SNTP_SETTINGS value="No"/>
<DHCPV6_SNTP_SETTINGS value="No"/>
<SNTP_SERVER1 value="10.10.10.11"/>
<SNTP_SERVER2 value="10.10.10.12"/>
<TIMEZONE value="Asia/Kolkata"/>
</MOD_NETWORK_SETTINGS>
</RIB_INFO>
</LOGIN>
</RIBCL>
eof

Login to the Onboard Administrator with a user having Administrator privilege using an ssh client like Putty

If you intend to update SNTP only for one server then provide the bay number of the respective bay in the below highlighted section (copy and paste the entire section on the OA CLI console)

BlrSiteA1-01-01> hponcfg 11<< eof
<RIBCL VERSION="2.0">
<LOGIN USER_LOGIN="HPadmin" PASSWORD="Passw0rd">
<RIB_INFO MODE="write">
<MOD_NETWORK_SETTINGS>
<DHCP_SNTP_SETTINGS value="No"/>
<DHCPV6_SNTP_SETTINGS value="No"/>
<SNTP_SERVER1 value="10.10.10.11"/>
<SNTP_SERVER2 value="10.10.10.12"/>
<TIMEZONE value="Asia/Kolkata"/>
</MOD_NETWORK_SETTINGS>
</RIB_INFO>
</LOGIN>
</RIBCL>
eof

Below would be the execution output

Bay 11: Executing RIBCL request ...
Bay 11: Awaiting RIBCL results ...
Bay 11: RIBCL results retrieved.




<?xml version="1.0"?>
<RIBCL VERSION="2.23">
<RESPONSE
STATUS="0x0000"
MESSAGE='No error'
/>
</RIBCL>
<?xml version="1.0"?>
<RIBCL VERSION="2.23">
<RESPONSE
STATUS="0x0000"
MESSAGE='No error'
/>
</RIBCL>
<?xml version="1.0"?>
<RIBCL VERSION="2.23">
<RESPONSE
STATUS="0x0000"
MESSAGE='No error'
/>
</RIBCL>
<?xml version="1.0"?>
<RIBCL VERSION="2.23">
<RESPONSE
STATUS="0x0000"
MESSAGE='No error'
/>
</RIBCL>
<?xml version="1.0"?>
<RIBCL VERSION="2.23">
<RESPONSE
STATUS="0x0000"
MESSAGE='No error'
/>
</RIBCL>

Next perform iLO reset to activate the changes
Execute below command from the Oanboard Administrator CLI

> reset ilo 11

Entering anything other than 'YES' will result in the command not executing.

Are you sure you want to reset iLO? YES

Bay 11: Resetting iLO using Hardware reset...

Bay 11: Successfully reset iLO through Hardware reset

If you have multiple blades on which you wish to update the SNTP value then replace "11" with the list of blades separated by comma

For example:
Below will be executed only on blade 11

Below script will be called on blade 11,12,13

hponcfg 11,12,13<< eof
<RIBCL VERSION="2.0">
<LOGIN USER_LOGIN="HPadmin" PASSWORD="Passw0rd">
<RIB_INFO MODE="write">
<MOD_NETWORK_SETTINGS>
<DHCP_SNTP_SETTINGS value="No"/>
<DHCPV6_SNTP_SETTINGS value="No"/>
<SNTP_SERVER1 value="10.10.10.11"/>
<SNTP_SERVER2 value="10.10.10.12"/>
<TIMEZONE value="Asia/Kolkata"/>
</MOD_NETWORK_SETTINGS>
</RIB_INFO>
</LOGIN>
</RIBCL>
eof

If you wish to execute the script on all the blades of the enclosure

hponcfg all<< eof
<RIBCL VERSION="2.0">
<LOGIN USER_LOGIN="HPadmin" PASSWORD="Passw0rd">
<RIB_INFO MODE="write">
<MOD_NETWORK_SETTINGS>
<DHCP_SNTP_SETTINGS value="No"/>
<DHCPV6_SNTP_SETTINGS value="No"/>
<SNTP_SERVER1 value="10.10.10.11"/>
<SNTP_SERVER2 value="10.10.10.12"/>
<TIMEZONE value="Asia/Kolkata"/>
</MOD_NETWORK_SETTINGS>
</RIB_INFO>
</LOGIN>
</RIBCL>
eof

You can also configure SNTP manually using the iLO4 web page.

Open the iLO using any supported browser (preferred IE)

Navigate to Network -> iLO Dedicated Network Port
Select "SNTP" from the Menu TAB as shown and provide the NTP server address details

Next to activate the changes reset your iLO using the RESET TAB under Diagnostics option as shown below

I hope the article was useful.

↧

How to make bootable Pendrive (USB) to install Windows, Linux, VMware from an ISO

February 26, 2018, 11:42 pm

≫ Next: Step by step tutorial guide with screenshots to Install and Configure VMware ESXi 6.5

≪ Previous: How to set date and time in iLO3 / iLO4 using SNTP and RIBCL scripts from Onboard Administrator in HP Proliant Blades

Below I am going to show how to make bootable perdrive with ISO.

To Install Windows

You can use the link http://www.softsea.com/download/ISO-to-USB.html to download ISO to USB software for windows ISO images.

Install the software on your local desktop or laptop and open it

Select the ISO file downloaded using the browse button on the right.
Select the USB drive which you want to make it bootable. if you don't find the USB click on refresh to refresh the list.
Give the required USB name in Volume Label.
Check the box of Bootable, only support windows bootable ISO image to make the USB bootable.

Click Burn to burn the ISO to USB.

you will get a warning saying that all the data will be erased from USB and it will get formatted. click on yes and the status bar starts.

Once the burn is complete click on OK. if you prompted with any error burn again using the same steps.

To Install Linux distributions and VMware

You can use the link https://rufus.akeo.ie/downloads/rufus-2.18.exe to download rufus to make bootable usb.

Run the software as Administrator

Select the USB pendrive in device tab which you want to make bootable
Leave Partition scheme, File system, Cluster size default value
Enter the label name which you required
Select the ISO image using the cd drive symbol on the software and leave other entries default
Click start to burn the image to USB

Keep the option in Write in ISO image mode and click ok
Now your USB is ready for installation.

↧

Step by step tutorial guide with screenshots to Install and Configure VMware ESXi 6.5

March 1, 2018, 10:32 pm

≫ Next: How to reset iLO4 password remotely using Onboard Administrator

≪ Previous: How to make bootable Pendrive (USB) to install Windows, Linux, VMware from an ISO

Download the ISO from VMware and write it to DVD or Pendrive in bootable mode.

How to make bootable Pendrive (USB) to install Windows, Linux, VMware from an ISO

NOTE: If the target blade has iLO console then you can directly mount the downloaded ISO using the iLO virtual media

Insert the DVD in server and start the server with bootable media as DVD or pendrive

After loading the image it will prompt with warning message as

Enter to continue the setup

Press F11 to accept the License Agreement and continue

It will load all the available devices on the server and prompt for selecting storage devices. It will show all the local and remote storage devices. here I have only one storage device so I will select it and enter to continue

Select the keyboard layout you are using. here I am using US so selecting the US default keyboard layout

Enter the root password to manage the server and enter to continue

Press F11 to start the installation

Once the installation is completed remove the DVD or Pen-drive and press Enter to reboot the server.

Once the server is UP post reboot it will start loading the Esxi 6.5 which will take a while.
Wait for the below screen to appear on the console

If you have the DHCP server in the network it will take the IP automatically. you can use this IP to access vSpere web client or you can follow below steps to configure the static IP to the network:

Configure Static network for the ESXi

1. Click F2 to Customise system. Enter the root password which we have set at the time of installation.

2. Go to Configure Management Network and hit Enter

3. Go to Network Adapter and select the correct adapter which you want to use it as management network adapter.

Then go to IPv4 configuration

4. Select Set static IPv4 address and fill all the required tabs then click OK

5. Go to DNS configuration and fill all the DNS servers and Hostname for the server.

6. Press Esc key to go back to the main console and then Y when the below windows prompts to save and Restart the Management network

7. Select Test Management Network in main menu and click enter to start the test

If the gateway and DNS test pass then your Network configuration is correct or else you have made some mistake while configuring the Management network

NOTE: If the Hostname doesn't resolve then make entry for the proper host name in your DNS server. If the Resolving hostname fails you can use the IP to access.

To connect to vSphere Web client go to any browser and enter the IP with https:// then an certificate error page appears

Click Advanced and proceed to the website unsafe. it will prompt to vSphere Web client

Provide the correct root username and password and login to Esxi 6.5 Web client

I hope the article was useful

↧