Book Image

Oracle Linux Cookbook

By : Erik Benner, Erik B. Thomsen, Jonathan Spindel
Book Image

Oracle Linux Cookbook

By: Erik Benner, Erik B. Thomsen, Jonathan Spindel

Overview of this book

Discover the power of Oracle Linux 8, the free and enterprise-grade Linux distribution designed for use in any environment, with this recipe-style book. Starting with instructions on how to obtain Oracle Linux for both X86 and ARM-based platforms, this book walks you through various installation methods, from running it as a Windows service to installing it on a Raspberry Pi. It unravels advanced topics such as system upgrades using Leapp for major version transitions and using a PXE server and kickstart files for more advanced installations. The book then delves into swapping kernels to take advantage of Oracle’s UEK, exploring boot options, managing software with DNF, and achieving high availability. Detailed recipes involving security topics will assist with tasks such as data encryption, both at rest and in motion. For developers, it offers guidance on building RPM files, using Docker and Podman in a containerized environment, working with AppStreams, and more. For large-scale deployments, the book introduces Oracle Linux Automation Manager for enterprise-level Ansible utilization, from setting up the Ansible server to basic playbook writing. Finally, you’ll discover strategies for cloud migration. By the end of this book, you’ll possess a comprehensive toolkit that will elevate your skills as a Linux administrator.

Related Content you might be interested in

Current Title:

Small book image
Oracle Linux Cookbook
Erik Benner | Erik B. Thomsen | Jonathan Spindel
Jan, 2024 | 548 pages
Small book image
Red Hat Enterprise Linux 9 Administration
Pedro Ibantildeez | Scott McCarty | Miguel Pérez Colino | Pablo Iranzo Gómez
Nov, 2022 | 530 pages
Small book image
Red Hat Enterprise Linux 8 Administration
Scott McCarty | Miguel Pérez Colino | Pablo Iranzo Gómez
Nov, 2021 | 534 pages
Small book image
Podman for DevOps
Gianni Salinetti | Alessandro Arrichiello
Apr, 2022 | 518 pages
Table of Contents (16 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the example code files
Conventions used
Sections
Get in touch
Reviews
Share Your Thoughts
Download a free PDF copy of this book
1
Chapter 1: Oracle Linux 8 – Get It? Got It? Good!
Chapter 1: Oracle Linux 8 – Get It? Got It? Good!
Technical requirements
Oracle Linux 8 – which ISO is right? USB? Does anyone use DVDs?
Burning an ISO so it’s bootable
Two for the price of one – running Oracle Linux on Windows Subsystem for Linux (WSL)
Arm'ing for the future of IT – it’s not just a slice of Raspberry Pi
Leapping from Oracle Linux 7 to 8
Migrating from CentOS to Oracle Linux
Free Chapter
2
Chapter 2: Installing with and without Automation Magic
Chapter 2: Installing with and without Automation Magic
Technical requirements
Automating the OS install options with kickstart
DHCP server – more than just IPs
Setting up the web server – HTTPD
Serving up the boot – TFTPD
Back in the day – a manual installation
Appendix – kickstart options
3
Chapter 3: Exploring the Various Boot Options and Kernels in Oracle Linux
Chapter 3: Exploring the Various Boot Options and Kernels in Oracle Linux
Kernel basics – UEK and RHCK
Kernel basics – UEK and RHCK
Playing with UEFI
Playing with Secure Boot
TrenchBoot – improving boot security and integrity
Removing the RHCK
4
Chapter 4: Creating and Managing Single-Instance Filesystems
Chapter 4: Creating and Managing Single-Instance Filesystems
Technical requirements
What you need to know about local filesystems
Btrfs – creating, resizing, and monitoring
Btrfs – subvolumes, snapshots, quotas, and more
Protecting data with mdadm – a software RAID solution
Playing with logical volume management
XFS – creating, modifying, and more
5
Chapter 5: Software Management with DNF
Chapter 5: Software Management with DNF
What have they done to YUM, moving to DNF?
Using the DNF time machine
Building a DNF/YUM mirror from ULN
Creating a new RPM package
6
Chapter 6: Eliminating All the SPOFs! An Exercise in Redundancy
Chapter 6: Eliminating All the SPOFs! An Exercise in Redundancy
Technical requirements
Getting 99.999% availability and beyond
Load balancing a website
Making HAProxy highly available with Keepalived
HA clustering for all with Corosync and Pacemaker
Sharing a filesystem across multiple machines – cluster or distribute?
Generating, configuring, and monitoring Ethernet traffic over bond
7
Chapter 7: Oracle Linux 8 – Patching Doesn’t Have to Mean Rebooting
Chapter 7: Oracle Linux 8 – Patching Doesn’t Have to Mean Rebooting
Setting up Ksplice with internet access
Using Ksplice with no internet access
Installing and enabling Known Exploit Detection
8
Chapter 8: DevOps Automation Tools – Terraform, Ansible, Packer, and More
Chapter 8: DevOps Automation Tools – Terraform, Ansible, Packer, and More
Technical requirements
Do it once manually – rinse and repeat with Terraform
Creating portable roles for Ansible
Managing secrets with Ansible Vault
Cooking up the perfect lab environment with Vagrant
Using Packer to modify source images
Pack it up, pack it in, let me begin, err, umm… build
9
Chapter 9: Keeping the Data Safe – Securing a System
Chapter 9: Keeping the Data Safe – Securing a System
Technical requirements
Signing Git commits with GPG
Encrypting all web traffic
Encrypting all data at rest
Validating adherence to a compliance policy
Port protection and restricting network access
Keeping SELinux active
10
Chapter 10: Revisiting Modules and AppStreams
Chapter 10: Revisiting Modules and AppStreams
Technical requirements
Searching and listing AppStream modules
Installing applications and development tools via AppStream
Using AppStreams to install different versions of software
Removing packages via AppStream
11
Chapter 11: Lions, Tigers, and Containers – Oh My! Podman and Friends
Chapter 11: Lions, Tigers, and Containers – Oh My! Podman and Friends
Technical requirements
Ridding yourself of demons – err um – daemons, with Podman
Giving your containers a root canal
Creating handy-dandy utility containers
Docker Compose with Podman
Managing stacks with pods
Containerized databases
Buildah and Skopeo – Podman’s friends with benefits
12
Chapter 12: Navigating Ansible Waters
Chapter 12: Navigating Ansible Waters
Installing OLAM
Zip through configuring and managing OLAM from the foundation up
OLAM isn’t fantasy football, but they both use playbooks
Controlling the patching chaos
Look beyond automation
Set it and forget it
13
Chapter 13: Let’s All Go to the Cloud
Chapter 13: Let’s All Go to the Cloud
Technical requirements
Oracle Linux in the cloud
Making Docker Desktop more manageable with Portainer
Using VirtualBox to springboard VMs to OCI
For everyone else, let’s make custom images for AWS
14
Index
Index
Why subscribe?
15
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share Your Thoughts
Download a free PDF copy of this book

DHCP server – more than just IPs

The DHCP server will be running a standard DHCP server that is available with Oracle Linux 8. Installation of DHCP is straightforward.

Getting ready

To set up a DHCP server, you will need an Oracle Linux 8 VM running on the same subnet that VMs that will be installed are using.

How to do it…

Install the DHCP server with the dnf install -y dhcp-sever command. The following screenshot shows the full process:

Figure 2.3 – DHCP server installation

Figure 2.3 – DHCP server installation

Once installed, enable DHCP traffic through the firewall (as seen in the following screenshot) with the firewall-cmd --add-service=dhcp --permanent and firewall-cmd --reload commands:

Figure 2.4 – DHCP firewall commands

Figure 2.4 – DHCP firewall commands

The DHCP server has a sample DHCP config file installed in /usr/share/doc/dhcp-server. This has sample config files for both IPv4 in /usr/share/doc/dhcp-server/dhcpd.conf.example and IPv6 in /usr/share/doc/dhcp-server/dhcpd6.conf.example. For this DHCP server, we will use IPv4 and copy the sample config file to /etc/dhcp/dhcpd.conf. There is an existing config file, but by default, it is mostly empty with no configuration and can be replaced as in the following screenshot:

Figure 2.5 – Copy dhcp.conf

Figure 2.5 – Copy dhcp.conf

Next, the config file will need to be updated, changing the IP address range, as well as adding an NTP server to the configuration with the option of option ntp-servers 192.168.200.1, which sets the NTP server to 192.168.200.1. While configuring a NTP server is optional, it is highly recommended. Additionally, when the PXE server is not the DHCP server, you will need to add the next server parameter to the subnet. This will point DHCP clients to the TFTP boot from the PXE server.

Note

If you are using an existing DHCP server, make sure you add the next-server parameter to point to the PXE server that has the TFTP server.

Since the TFTP server is running on the PXE server, the DHCP server will need the next server option to be set to the IP address of the PXE server. A complete sample config file is shown here:

# dhcpd.conf
#
# These options are common to all networks
option domain-name "lab.m57.local";
option domain-name-servers 192.168.56.10;
default-lease-time 600;
max-lease-time 7200;
# If the DHCP server is the main server for the network, this should be set authoritative;
# This sets where logs are sent. By default they are sent to syslog. You can reconfigure sysylog to send to a different location as needed.
log-facility local7;
subnet 192.168.56.0 netmask 255.255.255.0 {
  range dynamic-bootp 192.168.56.100 192.168.56.150 ;
  option broadcast-address  192.168.56.255;
  option routers 192.168.56.1;
  option domain-name-servers 192.168.56.10 ;
  option domain-name "lab.m57.local";
  option ntp-servers 192.168.200.1;
   next-server pxe.lab.m57.local;
}
# Hosts which require special configuration options can be listed here, with the host details. This could be used to hard-code an IP address to a host, or define host-specific parameters like a non-0standard vmunix filename or a fixed IP address.
host fixedhost {
  hardware ethernet 0:0:aa:bb:cc:dd;
  filename "vmunix.fixedhost";
  server-name "fixedhost.m57.local;
}
# When using a fixed IP address, it is more common to assign the host an IP address outside of the DHCP managed IP address range. set.
host fantasia {
  hardware ethernet 08:01:02:03:04:05;
  fixed-address fixedhost2.m57.local;
}

Next, we need to test the DHCP server. To do this, install the nmap program with dnf install -y nmap.

Nmap is a powerful utility and can be used for many things. It is most well known as a port scanning tool, letting the user scan networks looking for servers that respond to a ping with nmap -sP 192.168.200.1/28, as seen in the following screenshot:

Figure 2.6 – Nmap ping scan

Figure 2.6 – Nmap ping scan

It can also be used to identify the OS and open ports of a specific server, with nmap 192.168.200.34 -O:

Figure 2.7 – Nmap ID server

Figure 2.7 – Nmap ID server

While Nmap is a powerful tool for scanning networks, it can also be used for many additional tasks, including checking that a DHCP server is replying correctly. This is done with the broadcast-dhcp-discover script and is used via the nmnap ––script option. Additionally, if your system has multiple interfaces, you can specify the network interface used by the scan with the -e option. In this environment, the DHCP server is verified with the nmap --script broadcast-dhcp-discover -e enp0s8 command:

Figure 2.8 – Nmap DHCP discovery

Figure 2.8 – Nmap DHCP discovery

We now know how the DHCP server works, so next is the Apache HTTPD server.

Previous Section
End of Section 4
Next Section