Managing SUSE Linux Enterprise - Amazon Web Services
Transcript of Managing SUSE Linux Enterprise - Amazon Web Services
Managing SUSE Linux EnterpriseCourse Navigation
Previous Sect ions
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
St orage Managem entSection 12
Ident it y and Secur it ySection 9
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
ConclusionSection 15
Software Management
Back t o Main
Course Navigation
Understanding Management of RPM Packages
Understanding Compiling Software from Source
Understanding Software Management with Libzypp
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
St orage Managem entSection 12
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
ConclusionSection 15
Topics in t h is sect ion include:
- Underst anding Com pil ing Sof t ware f rom Source
- Underst anding Managem ent of RPM Packages
- Underst anding Sof t ware Managem ent w it h Libzypp
Next
Software Management
Back t o Main
Course Navigation
Understanding Management of RPM Packages
Understanding Compiling Software from Source
Understanding Software Management with Libzypp
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
St orage Managem entSection 12
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
ConclusionSection 15
Com pil ing f rom Source Overview
Why compile from source?
- You write software, have to test it works
- Packages are usually already-compiled software
- In-house software or experimental
- Curiosity?
1. Get the software tarball from an authoritative source.
2. Make a source directory.
3. Move the tarball there.
4. Unpack the tarball.
5. READ THE DOCUMENTATION (if it exists).
6. Configure the software.
7. Compile and install it .
Underst anding Com pil ing Sof t ware f rom Source
Underst anding Com pil ing Sof t ware f rom Source
Next Back
Typical Source Com pile
Software Management
Back t o Main
Course Navigation
Understanding Management of RPM Packages
Understanding Compiling Software from Source
Understanding Software Management with Libzypp
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
St orage Managem entSection 12
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
ConclusionSection 15
Underst anding Com pil ing Sof t ware f rom Source
Underst anding Com pil ing Sof t ware f rom Source
configure Determines needs, compiler, dependencies, uses that to construct a Makefile from the Makefile.in template
make Uses the steps in the Makefile to compile the software
Com pil ing Com m ands
install Part of the Makefile instructions, copies files to destination
clean Removes files normally causes by the make process
distclean Like cl ean, but also removes the conf i gur e information
Make Target s
make Performs the desired compile of the source code
install The steps to copy binaries/shared files to proper locations
uninstall Removes the installed items, may not be present/work
Next Back
Software Management
Back t o Main
Course Navigation
Understanding Management of RPM Packages
Understanding Compiling Software from Source
Understanding Software Management with Libzypp
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
St orage Managem entSection 12
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
ConclusionSection 15
aut om ake
Makef i le
Underst anding Com pil ing Sof t ware f rom Source
Underst anding Com pil ing Sof t ware f rom Source
aut oconf
conf igure
Makef i le.in
conf igure.ac
Makef i le.am
Put t ing I t All Toget her
m ake
+
=sof t ware com piled
and in build dir
Overall, the process is:
$ . / conf i gur e
$ make
$ make i nst al l
Consider the aut omake advantages
- Can construct an entire automated build system
- Centralizes bug and patch fixes for all managed packages
Going Through t he Process
Next Back
Makef i le
m ake inst all
+
=sof t ware m ade and copied t o dest dir
Software Management
Back t o Main
Course Navigation
Understanding Management of RPM Packages
Understanding Compiling Software from Source
Understanding Software Management with Libzypp
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
St orage Managem entSection 12
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
ConclusionSection 15
Underst anding Com pil ing Sof t ware f rom Source
Underst anding Com pil ing Sof t ware f rom Source
- Not easy to replicate company-wide- Updates and upgrades are labor-intensive- Lots of duplicated efforts- Lack of consistency of outcome- No central database/tracking of installs/changes, etc.
Disadvant ages of Source Inst alls
- Open Build Service is a free system for building software packages from source
- Automates the build process completely- Lets you focus on creating and maintaining the code- Over 500,000 packages and 60,000 developers so far
Build Services
Next Back
Software Management
Back t o Main
Course Navigation
Understanding Management of RPM Packages
Understanding Compiling Software from Source
Understanding Software Management with Libzypp
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
St orage Managem entSection 12
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
ConclusionSection 15
Underst anding Managem ent of RPM Packages
RPM environm ent is m ade of :
- r pm command- RPM database- RPM package files
Cont ent s of an RPM Package
- File identifier or package lead- Signature- Header (and information)- Scripts- Archive of files/payload of files
Underst anding Managem ent of RPM Packages
Underst anding Com pil ing Sof t ware f rom Source
RPM Com m and Basic Operat ions
- Query- Install- Remove- Other
RPM Nam ing Convent ions
Short vs. long package names- t r ee- t r ee- 1. 8. 0- 1. 5. x86_64
package_ver si on- bui l d_ar chi t ect ur e. r pm
Next Back
Software Management
Back t o Main
Course Navigation
Understanding Management of RPM Packages
Understanding Compiling Software from Source
Understanding Software Management with Libzypp
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
St orage Managem entSection 12
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
ConclusionSection 15
Underst anding Managem ent of RPM Packages
Inst all ing Packages via RPM
$ r pm - i vh <package. r pm>
- Reads package file, checks for dependencies- Can be bypassed with - - nodeps (use caution)
- If existing files conflict, use - - f or ce (again, use caution)- Copies files, directories, and links to specified locations- Enters package information into package database
--update Upgrades existing, installs any new packages
--freshen Upgrades existing installed, no net new installs
Underst anding Managem ent of RPM Packages
Underst anding Com pil ing Sof t ware f rom Source
Updat ing vs. Freshening
- When used against a set of packages/repository
-i Installs the package
-v Verbosely tells what 's going on
-h Hash-mark progress bar
- Optimal for workstations, general-purpose servers
- Optimal for limited-focus hosts, security, appliances
Next Back
Software Management
Back t o Main
Course Navigation
Understanding Management of RPM Packages
Understanding Compiling Software from Source
Understanding Software Management with Libzypp
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
St orage Managem entSection 12
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
ConclusionSection 15
Underst anding Managem ent of RPM Packages
Querying RPM Packages (Inst alled and on Disk)
$ r pm - q <packagename> <i nst al l ed>$ r pm - qp <packagename. r pm> <on di sk! >
- Important to know if querying installed package or package file on disk (requires - p)
- All queries are prefaced or include the - q option
Underst anding Managem ent of RPM Packages
Underst anding Com pil ing Sof t ware f rom Source
-qf Queries the owning package for a given file
-ql Lists out the files in the package
-qi Displays package name, version, description, etc.
-qp Queries a package file on disk (not installed)
-qc Lists out the configuration files for the package
--scripts What install/uninstall scripts are included
Next Back
Software Management
Back t o Main
Course Navigation
Understanding Management of RPM Packages
Understanding Compiling Software from Source
Understanding Software Management with Libzypp
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
St orage Managem entSection 12
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
ConclusionSection 15
Underst anding Managem ent of RPM Packages
Uninst all ing RPM Packages
$ r pm - e <packagename> <- - dangi t >
- Short package name is usually sufficient- Multiple versions of a short name requires long name- Alternatively can remove all matches- Watch for .RPMSAVE leave-behinds for config files
Underst anding Managem ent of RPM Packages
Underst anding Com pil ing Sof t ware f rom Source
-e/--erase Removes the specified package
-allmatches Removes all matching package name
--nodeps Use caution, will break dependencies
Int egr it y Check ing RPMs
$ r pm - V <packagename>
- Checks nine attributes of a package's files:- Owner, Group, Mode, MD5 Checksum, Size, Major and
Minor numbers, Symlink string, Modify t ime
-Va Verifies all nine attributes on EVERY FILE ON SYSTEM
Next Back
Correct ives aka "Dangit s"
Software Management
Back t o Main
Course Navigation
Understanding Management of RPM Packages
Understanding Compiling Software from Source
Understanding Software Management with Libzypp
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
St orage Managem entSection 12
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
ConclusionSection 15
Underst anding Sof t ware Managem ent w it h Libzypp
Libzypp and zypper Basics
- Libzypp is the main engine behind zypper- Similar to how APT works for Debian/Ubuntu- Default on SUSE, uses RPM libraries as well
Underst anding Com pil ing Sof t ware f rom Source
Underst anding Managem ent of RPM Packages
Underst anding Sof t ware Managem ent w it h Libzypp
Back Next
The zypper Com m and
zypper gl obal - opt i on command command- opt i on ar g
- Most zypper commands require root access- Configure other user access through sudo
Opt ions in zypper
- Options are either global or command-specific- Global options precede commands- Com m and options follow a command
Com m ands in zypper
- Uses words as commands, allows abbreviations - i n for install, r ef for refresh, etc.
- Most commands require at least one argument- zypper i n <package1> <package2>
St ar t EVERY zypper session w it h:
$ sudo zypper r ef- Downloads repository metadata, builds .solv files- Set with r epo. r ef r esh. dal ay in / et c/ zypp/ zypp. conf
Software Management
Back t o Main
Course Navigation
Understanding Management of RPM Packages
Understanding Compiling Software from Source
Understanding Software Management with Libzypp
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
St orage Managem entSection 12
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
ConclusionSection 15
Underst anding Sof t ware Managem ent w it h Libzypp
Underst anding Com pil ing Sof t ware f rom Source
Underst anding Managem ent of RPM Packages
Underst anding Sof t ware Managem ent w it h Libzypp
Back Next
install, in Installs a package/packages
Sof t ware Managem ent
remove, rm Removes a package/packages
verify, ve Verifies package dependency integrity
search, se Searches for packages, shows status if installed
list-updates, lu Lists the available updates for packages
Updat e Packages/Dist r ibut ion
update, up Updates installed packages to newer version
dist-upgrade, dup Does a distribution upgrade (service packs too)
patch-check, pchk Checks for patch availability
Pat ch Managem ent
list-patches, lp Lists the available patches
patch Installs the necessary/available patches
Software Management
Back t o Main
Course Navigation
Understanding Management of RPM Packages
Understanding Compiling Software from Source
Understanding Software Management with Libzypp
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
St orage Managem entSection 12
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
ConclusionSection 15
Underst anding Sof t ware Managem ent w it h Libzypp
Underst anding Com pil ing Sof t ware f rom Source
Underst anding Managem ent of RPM Packages
Underst anding Sof t ware Managem ent w it h Libzypp
Back Next
Package Reposit or ies
- Repositories are local or remote sets of packages- Metadata is pulled, compared, and pre-parsed- Dependencies are pre-solved if possible
Managing Reposit or ies
$ zypper l r <lists configured repositories>
$ zypper ar URL ALI AS <adds a repository>
- URL is the full path to the remote repository- ALIAS is a friendly unique name YOU set to identify
$ zypper r r al i as/ #/ URL <removes a repository>
- Can remove via the alias, repository number, or URL
$ zypper r enamer epo ol d new <renames a repository>
- If the repo maintainers make a name change, etc.
Rem oving Reposit or ies
Renam ing Reposit or ies
Software Management
Back t o Main
Course Navigation
Understanding Management of RPM Packages
Understanding Compiling Software from Source
Understanding Software Management with Libzypp
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
St orage Managem entSection 12
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
ConclusionSection 15
Underst anding Sof t ware Managem ent w it h Libzypp
Underst anding Com pil ing Sof t ware f rom Source
Underst anding Managem ent of RPM Packages
Underst anding Sof t ware Managem ent w it h Libzypp
Back
Managing Sof t ware w it h YaST
Network Management
Back t o Main
Course Navigation
Understanding Network Management with Wicked
Understanding Network Management in SLE
Understanding f̀irewalld`
Net work Managem entSection 11
Sof t ware Managem ent
Section 10
St orage Managem entSection 12
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
ConclusionSection 15
Underst anding Net work Managem ent in SLE
Next
Topics in t h is sect ion include:
- Underst anding Net work Managem ent in SLE
- Underst anding Net work Managem ent w it h Wicked
- Underst anding `f irewalld`
Network Management
Back t o Main
Course Navigation
Understanding Network Management with Wicked
Understanding Network Management in SLE
Understanding f̀irewalld`
Net work Managem entSection 11
Sof t ware Managem ent
Section 10
St orage Managem entSection 12
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
ConclusionSection 15
Underst anding Net work Managem ent in SLE
Underst anding Net work Managem ent in SLE
Next
Devices are network adapters, usually built-in to the motherboard, or the software that defines a virtual machine.
Devices
Def in ing Net work Term s
Interfaces are software that opens up a hardware device to be communicated with via system calls, etc.
Int er faces
Links are the establishment of a connection between a hardware device and the network the hardware is attached to.
Links
Addresses are the IP addresses used to communicate with the interface to a hardware device.
Addresses
Routes are the paths packets take from a given host to another host, when communicating outside of a local network.
Rout es
Network Management
Back t o Main
Course Navigation
Understanding Network Management with Wicked
Understanding Network Management in SLE
Understanding f̀irewalld`
Net work Managem entSection 11
Sof t ware Managem ent
Section 10
St orage Managem entSection 12
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
ConclusionSection 15
Underst anding Net work Managem ent in SLE
Underst anding Net work Managem ent in SLE
Next
Det erm ining Connect ivit y
ping Sends a series of packets and reports response
$ pi ng - c 5 10. 20. 30. 40PI NG 10. 20. 30. 40 ( 10. 20. 30. 40) 56( 84) byt es of dat a.64 byt es f r om 10. 20. 30. 40: i cmp_seq=1 t t l =128 t i me=0. 230 ms64 byt es f r om 10. 20. 30. 40: i cmp_seq=2 t t l =128 t i me=0. 260 ms64 byt es f r om 10. 20. 30. 40: i cmp_seq=3 t t l =128 t i me=0. 242 ms64 byt es f r om 10. 20. 30. 40: i cmp_seq=4 t t l =128 t i me=0. 527 ms64 byt es f r om 10. 20. 30. 40: i cmp_seq=5 t t l =128 t i me=0. 241 ms
- - - 10. 20. 30. 40 pi ng st at i st i cs - - -5 packet s t r ansmi t t ed, 5 r ecei ved, 0% packet l oss, t i me 4096msr t t mi n/ avg/ max/ mdev = 0. 230/ 0. 300/ 0. 527/ 0. 113 ms
Exam ples
- Simplest method is to ping a remote host- Name resolution is another layer up- If local, no routes involved
Tracing a Pat h
tracepath Shows the series of routers to reach a host
- Historically used t r acer out e- Deprecated now; use t r acepat h instead- Uses UDP and isn't fancy; blocked on most public
networks
Network Management
Back t o Main
Course Navigation
Understanding Network Management with Wicked
Understanding Network Management in SLE
Understanding f̀irewalld`
Net work Managem entSection 11
Sof t ware Managem ent
Section 10
St orage Managem entSection 12
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
ConclusionSection 15
Underst anding Net work Managem ent in SLE
Underst anding Net work Managem ent in SLE
Next
SUSE Linux Net work Conf igurat ion
- Configure three ways- Manually using i p command, non-persistent- Edit i f c f g- <i f ace> configuration file, persistent- Through YaST, persistent
Set t ing IP Addressing Manually
- The i p command is a one-stop shop for IP addressing- IP addressing usually set through DHCP
$ i p addr add 10. 20. 30. 40/ 24 br d + dev et h0$ i f up et h0$ i p addr show et h02: et h0: <BROADCAST, MULTI CAST, UP, LOWER_UP> mt u 1500 qdi sc
l i nk/ et her 00: 0c: 29: c3: 61: 4b br d f f : f f : f f : f f : f f : f f
i net 172. 16. 242. 134/ 24 br d 172. 16. 242. 255 gl obal et h0
val i d_l f t f or ever pr ef er r ed_l f t f or ever
i net 6 f e80: : 20c: 29f f : f ec3: 614b/ 64 scope l i nk
val i d_l f t f or ever pr ef er r ed_l f t f or ever
Sem i-Aut om at ic IP Addressing
- Static addresses are outside of DHCP control- If a server, use an IP reservation for persistent IP
- Set in the / et c/ dhcpd. conf- Matches the MAC address to an IP address
Network Management
Back t o Main
Course Navigation
Understanding Network Management with Wicked
Understanding Network Management in SLE
Understanding f̀irewalld`
Net work Managem entSection 11
Sof t ware Managem ent
Section 10
St orage Managem entSection 12
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
ConclusionSection 15
Underst anding Net work Managem ent in SLE
Underst anding Net work Managem ent in SLE
Next
$ cat / et c/ sysconf i g/ net wor k/ i f cf g- et h0
BOOTPROTO=' dhcp'BROADCAST=' 'I PADDR=' 'MTU=' 'NAME=' 'NETMASK=' 'NETWORK=' 'REMOTE_I PADDR=' 'STARTMODE=' aut o'DHCLI ENT_SET_DEFAULT_ROUTE=' yes'
Persist ency Across Device Nam ing
- Train udev to persistently name/assign interfaces- / et c/ udev/ r ul es. d/ 70_per si st ent - net . r ul es
- To network devices what UUID is for disks
Net work ing Def in it ion Files
- SUSE networking files are in / et c/ sysconf i g/ net wor k- conf i g is for parameters- dhcp is for lease info- Interface configs are in i f cf g- <i nt er f ace> files
Exam ple ifcfg-et h0 f i le
Network Management
Back t o Main
Course Navigation
Understanding Network Management with Wicked
Understanding Network Management in SLE
Understanding f̀irewalld`
Net work Managem entSection 11
Sof t ware Managem ent
Section 10
St orage Managem entSection 12
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
ConclusionSection 15
Underst anding Net work Managem ent in SLE
Underst anding Net work Managem ent in SLE
Next
Managing Int er faces on SUSE Linux
- Usually acts on single interface by name, some on all
$ i f st at us et h0et h0 up l i nk: #2, st at e up, mt u 1500 t ype: et her net , hwaddr 00: 0c: 29: c3: 61: 4b conf i g: compat : suse: / et c/ sysconf i g/ net wor k/ i f cf g- et h0 l eases: i pv4 dhcp gr ant ed l eases: i pv6 dhcp r equest i ng addr : i pv4 172. 16. 242. 134/ 24 [ dhcp] r out e: i pv4 def aul t v i a 172. 16. 242. 2 [ dhcp]
$ i f up et h0et h0 up
Br inging Up and Down Int er faces
Det erm ining Int er face St at us
$ i f down et h0et h0 down
$ i f st at#ker nelI nt er f ace RX Pkt s/ Rat e TX Pkt s/ Rat e RX Dat a/ Rat e TX Dat a/ Rat e RX Er r s/ Dr op TX Er r s/ Dr op RX Over / Rat e TX Col l / Rat e l o 106 0 106 0 6420 0 6420 0 0 0 0 0 0 0 0 0 et h0 7991 0 1546 0 5524K 0 133011 0 0 0 0 0 0 0 0 0
Get t ing Int er face St at s
Network Management
Back t o Main
Course Navigation
Understanding Network Management with Wicked
Understanding Network Management in SLE
Understanding f̀irewalld`
Net work Managem entSection 11
Sof t ware Managem ent
Section 10
St orage Managem entSection 12
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
ConclusionSection 15
Underst anding Net work Managem ent in SLE
Underst anding Net work Managem ent in SLE
Next
Managing Int er faces via YaST
- Works great for GUI and ncurses- Uses the l an module- Handles all file changes & restarts of services- Persistent, unlike i p command changes
Network Management
Back t o Main
Course Navigation
Understanding Network Management with Wicked
Understanding Network Management in SLE
Understanding f̀irewalld`
Net work Managem entSection 11
Sof t ware Managem ent
Section 10
St orage Managem entSection 12
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
ConclusionSection 15
Underst anding Net work Managem ent w it h Wicked
Underst anding Net work Managem ent w it h Wicked
Underst anding Net work Managem ent in SLE
Next
Wicked Net work ing
- Alternative to the i p ______ show commands- Reads and displays / et c/ sysconf i g/ net wor k files- Not entirely complete; work in progress
Wicked Daem ons
wicked.service Manages the interfaces
wickedd.service Manages the networking
Show Int er faces via Wicked
$ wi cked show et h0et h0 up<out put i s I DENTI CAL t o i f st at us et h0 out put >
Show Int er faces via Wicked XML
$ wi cked show- xml et h0<obj ect pat h=" / or g/ opensuse/ Net wor k/ I nt er f ace/ 2" > <i nt er f ace> <name>et h0</ name> <i ndex>2</ i ndex> <st at us>r eady, devi ce- up, l i nk- up, net wor k- up, ar p, <l i nk- t ype>et her net </ l i nk- t ype><. . . t r uncat ed heavi l y . . . >
Network Management
Back t o Main
Course Navigation
Understanding Network Management with Wicked
Understanding Network Management in SLE
Understanding f̀irewalld`
Net work Managem entSection 11
Sof t ware Managem ent
Section 10
St orage Managem entSection 12
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
ConclusionSection 15
Underst anding `f irewalld`
Underst anding Net work Managem ent w it h Wicked
Underst anding `f irewalld`
Underst anding Net work Managem ent in SLE
Firewall i t !
- New in SLE 15 and replaces SuSEf irewall2- Two flavors:
- Graphical: firewall-config- Command line: firewall-cmd
Linux and Firewalls
- Firewalls limit incoming packets based on:- Origin of IP - Destination ports- Protocol used
- Handled at the kernel level by net f i l t er- User-configurable by ipt ables for many years- ipt ables can be very complex and confusing
- f irewalld is a new user-configurable layer- Manages ipt ables rules for you- Provides an interface for apps to interact with- Allows for more flexible use of zones- Allows for use of protocol/services names, not port numbers
f irewalld Zones
- A f irewalld zone is a defined area of trust that contains a set of allowed (incoming) services and connects to a network via an assigned interface
- All outgoing (from the local host) connections are allowed- Incoming traffic must be in an allowed service (protocol) for the
interface/zone
Next
Network Management
Back t o Main
Course Navigation
Understanding Network Management with Wicked
Understanding Network Management in SLE
Understanding f̀irewalld`
Net work Managem entSection 11
Sof t ware Managem ent
Section 10
St orage Managem entSection 12
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
ConclusionSection 15
Underst anding `f irewalld`
Underst anding Net work Managem ent w it h Wicked
Underst anding `f irewalld`
Underst anding Net work Managem ent in SLE
Conver t ing f rom SuSEf irewall2
- More and different security zones- Conversion script for easier migration
- susefirewall2-to-firewalld
Modes of Operat ion
- Runt im e - Allows experimentation, testing, transient- Perm anent - In place across reloads/reboots- Configure and experiment, only commit when good
Graphical vs. Com m and Line
- Equally functional, choose one or use both- GUI tool is easier to navigate, useless on cli-only systems
- Auto-reload when saved and exited
- CLI tool is very scriptable, higher learning curve- Requires manual reload
- Failing to commit to permanent and reload leaves old config in place!
Next
Network Management
Back t o Main
Course Navigation
Understanding Network Management with Wicked
Understanding Network Management in SLE
Understanding f̀irewalld`
Net work Managem entSection 11
Sof t ware Managem ent
Section 10
St orage Managem entSection 12
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
ConclusionSection 15
Underst anding `f irewalld`
Underst anding Net work Managem ent w it h Wicked
Underst anding `f irewalld`
Underst anding Net work Managem ent in SLE
Com m on f irewalld-cm d exam ples
List the network interfaces and zone assignments$ f i r ewal l - cmd - - zone=publ i c - - l i s t - i nt er f aceset h1
Add an interface to a zone$ f i r ewal l - cmd - - zone=i nt er nal - - add- i nt er f ace=et h1success
View Available Services$ f i r ewal l - cmd - - get - ser vi cesamanda- cl i ent amqp bacul a bgp bi t coi n dns docker i r c <. . . t r uncat ed heavi l y . . . >
Deep-dive information on a Service's specifics$ f i r ewal l - cmd - - i nf o- ser vi ce dnsdns por t s: 53/ t cp 53/ udp pr ot ocol s: <. . . out put t r uncat ed . . . >
Deep-dive information on a Zone's specifics$ sudo f i r ewal l - cmd - - i nf o- zone=publ i cpubl i c ( act i ve) t ar get : def aul t i cmp- bl ock- i nver si on: no i nt er f aces: et h0 sour ces: ser vi ces: ssh dhcpv6- cl i ent ht t p<. . . out put t r uncat ed . . . >
Next
Network Management
Back t o Main
Course Navigation
Understanding Network Management with Wicked
Understanding Network Management in SLE
Understanding f̀irewalld`
Net work Managem entSection 11
Sof t ware Managem ent
Section 10
St orage Managem entSection 12
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
ConclusionSection 15
Underst anding `f irewalld`
Underst anding Net work Managem ent w it h Wicked
Underst anding `f irewalld`
Underst anding Net work Managem ent in SLE
Graphical f irewalld Managem ent
Next
Network Management
Back t o Main
Course Navigation
Understanding Network Management with Wicked
Understanding Network Management in SLE
Understanding f̀irewalld`
Net work Managem entSection 11
Sof t ware Managem ent
Section 10
St orage Managem entSection 12
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
ConclusionSection 15
Underst anding `f irewalld`
Underst anding Net work Managem ent w it h Wicked
Underst anding `f irewalld`
Underst anding Net work Managem ent in SLE
Back
Graphical f irewalld Managem ent
Storage Management
Back t o Main
Course Navigation
Recognizing Tradit ional Linux File Systems
Linux I/O Stack Overview
Configuring Logical Volume Management (LVM)
St orage Managem entSection 12
Configuring Software RAID
Defining and Describing Btrfs
Understanding Network File System Version 4 (NFSv4)
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
- Linux I /O St ack Overview
- Recognizing Tradit ional Linux File Syst em s
- Conf igur ing Logical Volum e Managem ent (LVM)
- Conf igur ing Sof t ware RAID
- Def in ing and Descr ibing Bt r fs
- Underst anding Net work File Syst em Version 4 (NFSv4)
Storage Management
Back t o Main
Course Navigation
Recognizing Tradit ional Linux File Systems
Linux I/O Stack Overview
Configuring Logical Volume Management (LVM)
St orage Managem entSection 12
Configuring Software RAID
Defining and Describing Btrfs
Understanding Network File System Version 4 (NFSv4)
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
Linux I /O St ack Overview
Linux I /O St ack Overview
fdisk is the grandfather of disk tools and is still useful and appropriate, though it is a destructive partit ioning tool.
fdisk
Conf igur ing Disks w it h Par t it ions
Command line tool for creating and managing partit ion tables. Designed to be safe and non-destructive, it can also resize partit ions.
par t ed
The disk partit ioning module of YaST, it also does a lot of other advanced configuration of disks and comes in text and GUI modes.
YaST Par t it ioner
MBR vs. GPT Disks
- Master Boot Record (MBR)- Limited to four primary partit ions per disk- Can swap a primary for a single Extended- Extended partit ions contain Logical partit ions- Limited to 2 TB in size- Partit ioning and boot data is uni-located
- GUID Partit ion Table (GPT)- 127 partit ions are allowed in the specification- Linux is limited to 15 partit ions per disk- Massive disk sizes in the stratospheric range- Multiple redundancy for partit ion and boot data
Next
Storage Management
Back t o Main
Course Navigation
Recognizing Tradit ional Linux File Systems
Linux I/O Stack Overview
Configuring Logical Volume Management (LVM)
St orage Managem entSection 12
Configuring Software RAID
Defining and Describing Btrfs
Understanding Network File System Version 4 (NFSv4)
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
Linux I /O St ack Overview
Linux I /O St ack Overview
Using par t ed t o Manage St orage
- Comes in two modes:- Int eract ive: Great for discovery, shell-like interface- Non-int eract ive: Great for scripting, automation
$ par t ed / dev/ sdb mkl abel msdos mkpar t pr i mar y xf s 1 25%
$ l sbl kNAME MAJ: MI N RM SI ZE RO TYPE MOUNTPOI NTsda 8: 0 0 20G 0 di sk ??sda1 8: 1 0 8M 0 par t ??sda2 8: 2 0 18G 0 par t /sdb 8: 16 0 10G 0 di sk ??sdb1 8: 17 0 2. 5G 0 par t
Non-int eract ive m ode exam ple
$ par t ed / dev/ sdb (parted) pr i nt<. . t r uncat ed . . >Number St ar t End Si ze Type Fi l e syst em Fl ags 1 1049kB 2684MB 2683MB pr i mar y t ype=83(parted) r esi ze 1 20%Number St ar t End Si ze Type Fi l e syst em Fl ags 1 1049kB 2147MB 2146MB pr i mar y t ype=83
Int eract ive m ode exam ple
Not e about alignm ent
- Recommend optimal alignment, lines up the partit ion table addresses to the real physical disk blocks
- Avoids performance degradation
Next
Storage Management
Back t o Main
Course Navigation
Recognizing Tradit ional Linux File Systems
Linux I/O Stack Overview
Configuring Logical Volume Management (LVM)
St orage Managem entSection 12
Configuring Software RAID
Defining and Describing Btrfs
Understanding Network File System Version 4 (NFSv4)
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
Linux I /O St ack Overview
Linux I /O St ack Overview
Using YaST t o Par t it ion Disks
- Use for simple or complex disk partit ioning schemes- Handles all needed tasks, partit ion probes, refreshes, etc.- In some cases, may be the sole supported method
Next
Storage Management
Back t o Main
Course Navigation
Recognizing Tradit ional Linux File Systems
Linux I/O Stack Overview
Configuring Logical Volume Management (LVM)
St orage Managem entSection 12
Configuring Software RAID
Defining and Describing Btrfs
Understanding Network File System Version 4 (NFSv4)
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
Recognizing Tradit ional Linux File Syst em s
Recognizing Tradit ional Linux File Syst em s
Linux I /O St ack Overview
Filesyst em s Available in SLE 15
- Some restrictions apply to filesystem usage- ReiserFS sundowned- JFS supported for existing volumes, no new
Ext2/3 Extended filesystems 2/3 are older, but supported
Ext4 Current ext filesystem version, supported
XFS Excellent for data partit ions, large volume sizes
Btrfs Default for / in SLE 12 and 15, many features
VFAT All versions of FAT, 12/16/32 bit, many features
NTFS NTFS-3G supported only on SLED 15
Next
Storage Management
Back t o Main
Course Navigation
Recognizing Tradit ional Linux File Systems
Linux I/O Stack Overview
Configuring Logical Volume Management (LVM)
St orage Managem entSection 12
Configuring Software RAID
Defining and Describing Btrfs
Understanding Network File System Version 4 (NFSv4)
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
Recognizing Tradit ional Linux File Syst em s
Recognizing Tradit ional Linux File Syst em s
Linux I /O St ack Overview Creat ing Filesyst em s f rom t he CLI- Uses the mkf s. xxxx commands- Exceptions are xfs and btrfs
- mkf s. xf s creates old XFS fs, no shrinking- mkf s. bt r f s works, but only YaST mode is supported
View ing Available Disks/Par t it ions
- Base level of what 's attached to your system- Prelude to making filesystems and mounting
blkid Reads a block device's attributes, including UUID
lsblk Lists block device attributes, shows in tree format
Prepar ing t o Mount Filesyst em s
- The / et c/ f st ab- Configures what will be and can be mounted- Using UUIDs makes device recognit ion order less
problematic- The / et c/ mt ab
- Shows what is mounted- Special-use mount directories
- / mnt- / mount- / var / r un/ medi a
Next
Storage Management
Back t o Main
Course Navigation
Recognizing Tradit ional Linux File Systems
Linux I/O Stack Overview
Configuring Logical Volume Management (LVM)
St orage Managem entSection 12
Configuring Software RAID
Defining and Describing Btrfs
Understanding Network File System Version 4 (NFSv4)
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
Recognizing Tradit ional Linux File Syst em s
Recognizing Tradit ional Linux File Syst em s
Linux I /O St ack Overview
Mount ing Filesyst em s
- Once items are properly set up in the / et c/ f st ab- Mounting is easy and secure (only root can set up)
$ mount / dev/ sdc5 / home$ mount | gr ep home/ dev/ sdc5 on / home t ype xf s ( r w, r el at i me)
mount Maps a disk filesystem to a system mount point
Unm ount ing Filesyst em s
- Filesystem must not be in use- Use appropriate tools to remove users/processes
$ umount / home$ mount | gr ep home<. . . no out put . . . >
umount Removes the mount for a given filesystem
Next
Storage Management
Back t o Main
Course Navigation
Recognizing Tradit ional Linux File Systems
Linux I/O Stack Overview
Configuring Logical Volume Management (LVM)
St orage Managem entSection 12
Configuring Software RAID
Defining and Describing Btrfs
Understanding Network File System Version 4 (NFSv4)
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
Recognizing Tradit ional Linux File Syst em s
Recognizing Tradit ional Linux File Syst em s
Linux I /O St ack Overview
- User processes often stop the unmounting of storage- Can be an open file from a program- User signed in to a bash session
- In order to unmount/backup/repair- Have to find and kill those processes/sessions
To find open files on a filesystems$ l sof / home
To end the processes keeping the filesystem bushy$ ki l l - HUP ` l sof - t / home`
Getting users off a filesystem- Find the offender, up arrow and add -k to kill
$ f user - u / home/ cl oud_user / f i l e1/ home/ cl oud_user / f i l e1 12345( cl oud_user )
Freeing Up Filesyst em s for Backup Et c.
Next
Storage Management
Back t o Main
Course Navigation
Recognizing Tradit ional Linux File Systems
Linux I/O Stack Overview
Configuring Logical Volume Management (LVM)
St orage Managem entSection 12
Configuring Software RAID
Defining and Describing Btrfs
Understanding Network File System Version 4 (NFSv4)
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
Conf igur ing Logical Volum e Managem ent (LVM)
Recognizing Tradit ional Linux File Syst em s
Conf igur ing Logical Volum e Managem ent (LVM)
Linux I /O St ack Overview
Logical Volum es in Plain Term s
- Tradit ionally:- Disks are limited to a physical capacity- Partit ions can only be as big as a physical disk- Filesystems could only be as big as the partit ion size
- Wit h LVM:- Physical disks are pooled together to make volum e groups- Volum e groups can be divided into logical volum es
- Can be resized non-destructively- Logical volum es can have f i lesyst em s created on them
- Can be resized non-destructively
- In shor t :- Volum e groups are the new disks- Logical volum es are the new par t it ions- Filesyst em s are created as usual, but on logical volum es
Next
Storage Management
Back t o Main
Course Navigation
Recognizing Tradit ional Linux File Systems
Linux I/O Stack Overview
Configuring Logical Volume Management (LVM)
St orage Managem entSection 12
Configuring Software RAID
Defining and Describing Btrfs
Understanding Network File System Version 4 (NFSv4)
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
Conf igur ing Logical Volum e Managem ent (LVM)
Recognizing Tradit ional Linux File Syst em s
Conf igur ing Logical Volum e Managem ent (LVM)
Linux I /O St ack Overview
PhysicalVolume
PhysicalVolume
PhysicalVolume
volgrp1
PhysicalVolume
PhysicalVolume
PhysicalVolume
PhysicalVolume
PhysicalVolume
PhysicalVolume
volgrp1lvm vol1 lvm vol2
PhysicalVolume
PhysicalVolume
PhysicalVolume
volgrp1lvm vol1 lvm vol2/ / hom e
Next
Storage Management
Back t o Main
Course Navigation
Recognizing Tradit ional Linux File Systems
Linux I/O Stack Overview
Configuring Logical Volume Management (LVM)
St orage Managem entSection 12
Configuring Software RAID
Defining and Describing Btrfs
Understanding Network File System Version 4 (NFSv4)
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
Conf igur ing Logical Volum e Managem ent (LVM)
Recognizing Tradit ional Linux File Syst em s
Conf igur ing Logical Volum e Managem ent (LVM)
Linux I /O St ack Overview
Disks, ASSEMBLE!
- Physical volumes are created with pvcr eat e- Can be whole disks or partit ions of a disk
- Lots of use cases for both- List your available devices first:
$ l sbl k- Then prepare your disks to be physical volumes:
$ pvcr eat e / dev/ sda etc.
- Note: If you get errors and need to zero out a disk:$ wi pef s - a / dev/ sd<abc>
- Then list your new physical volumes:$ pvs or pvscan or pvdi spl ay
PhysicalVolume
PhysicalVolume
PhysicalVolume
/dev/sda /dev/sdb /dev/sdc
Next
Storage Management
Back t o Main
Course Navigation
Recognizing Tradit ional Linux File Systems
Linux I/O Stack Overview
Configuring Logical Volume Management (LVM)
St orage Managem entSection 12
Configuring Software RAID
Defining and Describing Btrfs
Understanding Network File System Version 4 (NFSv4)
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
Conf igur ing Logical Volum e Managem ent (LVM)
Recognizing Tradit ional Linux File Syst em s
Conf igur ing Logical Volum e Managem ent (LVM)
Linux I /O St ack Overview
PhysicalVolume
PhysicalVolume
PhysicalVolume
volgrp1
PhysicalVolume
PhysicalVolume
PhysicalVolume
Volum e Groups
- Volume groups are created with vgcr eat e- Constructed from the available physical volumes:
- The ones prepared using pvcr eat e- Confirm the available physical volumes:
- $ pvs or pvscan or pvdi spl ay- Then create the volume group:
$ vgcr eat e vol gr p1 / dev/ sda / dev/ sdb / dev/ sdc- Then list your new volume group:
$ vgs or vgscan or vgdi spl ay
Next
Storage Management
Back t o Main
Course Navigation
Recognizing Tradit ional Linux File Systems
Linux I/O Stack Overview
Configuring Logical Volume Management (LVM)
St orage Managem entSection 12
Configuring Software RAID
Defining and Describing Btrfs
Understanding Network File System Version 4 (NFSv4)
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
Conf igur ing Logical Volum e Managem ent (LVM)
Recognizing Tradit ional Linux File Syst em s
Conf igur ing Logical Volum e Managem ent (LVM)
Linux I /O St ack Overview
Logical Volum es
- Volume groups are created with l vcr eat e- Constructed from a volume group
- Logical volumes can only use a single volume group- List your volume group:
$ vgs or vgscan or vgdi spl ay- Then create the desired logical volumes:
$ l vcr eat e - L 10GB - n l vmvol 1 vol gr p1$ l vcr eat e - L 40GB - n l vmvol 2 vol gr p1
- Check to see what you've done is correct:$ l vs or l vscan or l vdi spl ay
PhysicalVolume
PhysicalVolume
PhysicalVolume
volgrp1
PhysicalVolume
PhysicalVolume
PhysicalVolume
volgrp1lvm vol1 lvm vol2
Now put a f i lesyst em on your logical volum es!
Next
Storage Management
Back t o Main
Course Navigation
Recognizing Tradit ional Linux File Systems
Linux I/O Stack Overview
Configuring Logical Volume Management (LVM)
St orage Managem entSection 12
Configuring Software RAID
Defining and Describing Btrfs
Understanding Network File System Version 4 (NFSv4)
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
Conf igur ing Logical Volum e Managem ent (LVM)
Recognizing Tradit ional Linux File Syst em s
Conf igur ing Logical Volum e Managem ent (LVM)
Linux I /O St ack Overview
Adding More Space t o Logical Volum es
- Back up your data first!- NEVER do any disk operation without backup(s)
- YaST Partit ioner is recommended for all disk operations
Extend the volume group by adding a PV:$ vgext end vol gr p1 / dev/ sdd
PhysicalVolume
PhysicalVolume
PhysicalVolume
volgrp1
Then grow the logical volume:$ l vext end - L +1024GB / dev/ vol gr p1/ l vmvol 2$ l vr esi ze - L +1024GB / dev/ vol gr p1/ l vmvol 2
PhysicalVolume
PhysicalVolume
PhysicalVolume
volgrp1PhysicalVolume
lvm vol1 lvm vol2
PhysicalVolume
Wait , which f i lesyst em s can be resized?
Next
Storage Management
Back t o Main
Course Navigation
Recognizing Tradit ional Linux File Systems
Linux I/O Stack Overview
Configuring Logical Volume Management (LVM)
St orage Managem entSection 12
Configuring Software RAID
Defining and Describing Btrfs
Understanding Network File System Version 4 (NFSv4)
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
Conf igur ing Logical Volum e Managem ent (LVM)
Recognizing Tradit ional Linux File Syst em s
Conf igur ing Logical Volum e Managem ent (LVM)
Linux I /O St ack Overview
Resizing Filesyst em s
- Not every filesystem supports resizing- Some can be resized while online and being accessed!
Filesyst em s Suppor t ed
Fi l esyst em Command Gr ow Shr i nk
Ext 2 r esi zef s On/ Of f l i ne Of f l i ne
Ext 3 r esi zef s On/ Of f l i ne Of f l i ne
Ext 4 r esi zef s On/ Of f l i ne Of f l i ne
XFS xf s_gr owf s Onl i ne No Suppor t
Grow an ext2/3/4 filesystem to the max space:$ sudo r esi ze2f s / dev/ vol gr p1/ l vmvol 2
PhysicalVolume
PhysicalVolume
PhysicalVolume
volgrp1PhysicalVolume
lvm vol1 lvm vol2/ / hom e
Now We Can Resize t he Filesyst em !
Grow a Btrfs filesystem to the max size:$ sudo bt r f s f i l esyst em r esi ze /
Grow an XFS filesystem to the max size:$ sudo xf s_gr owf s - d / home
Always confirm resize operations:$ df - hT <i nspect out put >
Next
Storage Management
Back t o Main
Course Navigation
Recognizing Tradit ional Linux File Systems
Linux I/O Stack Overview
Configuring Logical Volume Management (LVM)
St orage Managem entSection 12
Configuring Software RAID
Defining and Describing Btrfs
Understanding Network File System Version 4 (NFSv4)
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
Conf igur ing Logical Volum e Managem ent (LVM)
Recognizing Tradit ional Linux File Syst em s
Conf igur ing Logical Volum e Managem ent (LVM)
Linux I /O St ack Overview
LVM Snapshot s
- An LVM snapshot is similar to a logical volume (LV)- Requires unallocated space to create
- Can be mounted and accessed like an LV- Requires sufficient free space in the volume group (VG)
- Testing filesystems changes- Update/upgrade/freshen testing- Backups while original is in use
Use for Many Operat ions
St eps1. Make the snapshot.2. Install and test on snapshot.3. Confirm operation success.4. Delete snapshot.5. Repeat as necessary.
Sof t ware Test ing ? Exam ple
St eps1. Make the snapshot.2. Perform operation (back up, etc.).3. Confirm operation is successful.4. Delete snapshot.
Back ing Up a Filesyst em ? Exam ple
Next
Storage Management
Back t o Main
Course Navigation
Recognizing Tradit ional Linux File Systems
Linux I/O Stack Overview
Configuring Logical Volume Management (LVM)
St orage Managem entSection 12
Configuring Software RAID
Defining and Describing Btrfs
Understanding Network File System Version 4 (NFSv4)
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
Conf igur ing Sof t ware RAID
Conf igur ing Logical Volum e Managem ent (LVM)
Recognizing Tradit ional Linux File Syst em s
Conf igur ing Sof t ware RAID
Linux I /O St ack Overview
Mult iple RAID Syst em s Available
- Multiple Device (MD) is the kernel default- Device Mapper also available (not covered)- No relationship between them
RAID Levels
Level Descr i pt i on Saf et y
0 St r i pi ng acr oss di sks None
1 Mi r r or i ng of 2 di sks Medi um
5 St r i pi ng wi t h par i t y Medi um
6 St r i pi ng wi t h doubl e par i t y Hi gh
Met hods of Conf igur ing RAID on SLE
- Using mdadm- Command line interface, very long commands
- Using YaST Par t it ioner- GUI is pleasant and easy to use- TUI/ncurses is a symphony of the TAB key
Monit or ing RAID
- Watch the / pr oc/ mdst at file- See any changes every X seconds:
$ wat ch cat / pr oc/ mdst at
Next
Storage Management
Back t o Main
Course Navigation
Recognizing Tradit ional Linux File Systems
Linux I/O Stack Overview
Configuring Logical Volume Management (LVM)
St orage Managem entSection 12
Configuring Software RAID
Defining and Describing Btrfs
Understanding Network File System Version 4 (NFSv4)
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
Conf igur ing Sof t ware RAID
Conf igur ing Logical Volum e Managem ent (LVM)
Recognizing Tradit ional Linux File Syst em s
Conf igur ing Sof t ware RAID
Linux I /O St ack Overview
Using m dadm t o Manage RAID
- The mdadm command is complex- Many modes and options available- Inspires a lot of scripting
m dadm Modes and Opt ions
- C Create a new array ( - - Cr eat e)
- F Follow or monitor an array ( - - moni t or )
- G Grow an array ( - - gr ow)
Exam ple of Ar ray Creat ion
mdadm - C <ar r ay> - n #of di sks - l <l evel > <di sks>$ mdadm - C / dev/ md0 - l 1 - - r ai d- devi ces=2 - x 1 / dev/ sda / dev/ sdb
Creat e an m dadm Default Conf ig File
- Examines the system for existing arrays and their disks- Makes a configuration file that reflects the setup
$ mdadm - E - s > / et c/ mdadm. conf
- Q Query an array for basic info ( - - det ai l ) full info
Next
Storage Management
Back t o Main
Course Navigation
Recognizing Tradit ional Linux File Systems
Linux I/O Stack Overview
Configuring Logical Volume Management (LVM)
St orage Managem entSection 12
Configuring Software RAID
Defining and Describing Btrfs
Understanding Network File System Version 4 (NFSv4)
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
Conf igur ing Sof t ware RAID
Conf igur ing Logical Volum e Managem ent (LVM)
Recognizing Tradit ional Linux File Syst em s
Conf igur ing Sof t ware RAID
Linux I /O St ack Overview
Track ing Your RAID Ar ray
- Edit the / et c/ sysconf i g/ mdadm file- MAILADDR should be set to a proper email- Test it works ? this is important information
Enable and St ar t MD Monit or ing
$ sudo syst emct l enabl e mdmoni t or . ser vi ce
$ sudo syst emct l st ar t mdmoni t or . ser vi ce
Next
Storage Management
Back t o Main
Course Navigation
Recognizing Tradit ional Linux File Systems
Linux I/O Stack Overview
Configuring Logical Volume Management (LVM)
St orage Managem entSection 12
Configuring Software RAID
Defining and Describing Btrfs
Understanding Network File System Version 4 (NFSv4)
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
Def in ing and Descr ibing Bt r fs
Conf igur ing Sof t ware RAID
Conf igur ing Logical Volum e Managem ent (LVM)
Recognizing Tradit ional Linux File Syst em s
Def in ing and Descr ibing Bt r fs
Linux I /O St ack Overview
Everyt hing Is Bet t er w it h Bt r fs
- Very active development; myriad of features- Inherently copy-on-write- Uses subvolumes extensively- Massively scalable - Transparent compression/encryption- Optimized for SSD (solid state devices)
Bt r fs Suppor t in SLE
- Fully supported by the YaST Partit ioner- Can use varying RAID for metadata/data
- Metadata changes much more often- Multiple checksums for safety/error detection
- Recommended for the / filesystem- Subvolumes make updates easier- Roll back failed updates, etc.
- XFS recommended for data filesystems- Separating user and system data is recommended
Next
Storage Management
Back t o Main
Course Navigation
Recognizing Tradit ional Linux File Systems
Linux I/O Stack Overview
Configuring Logical Volume Management (LVM)
St orage Managem entSection 12
Configuring Software RAID
Defining and Describing Btrfs
Understanding Network File System Version 4 (NFSv4)
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
Def in ing and Descr ibing Bt r fs
Conf igur ing Sof t ware RAID
Conf igur ing Logical Volum e Managem ent (LVM)
Recognizing Tradit ional Linux File Syst em s
Def in ing and Descr ibing Bt r fs
Linux I /O St ack Overview
Som e (1)
File (2)
Dat a (3)
File1Or iginal
Som e (1)
Ot her (4)
Dat a (3)
File1 1st Change
File (2)
Som e (1)
More (5)
Dat a (3)
File1 2nd Change
Ot her (4)
Unallocat ed and Available Blocks
File (2)
What Is Copy-on-Wr it e?
- Copy-on-write is simple- Never update data in place; always allocate new blocks
- When a tradit ional FS writes a change to a block:- It changes the data in the block
- When Btrfs wants to change a block:- It writes a "copy" to a new block and tracks the old one
- Makes the FS transactional- If a transaction (write) fails, the real data is safe- Makes recovery much faster; just use the original- No need for a separate journal
- Constant allocation of new space can cause fragmenting
Next
Storage Management
Back t o Main
Course Navigation
Recognizing Tradit ional Linux File Systems
Linux I/O Stack Overview
Configuring Logical Volume Management (LVM)
St orage Managem entSection 12
Configuring Software RAID
Defining and Describing Btrfs
Understanding Network File System Version 4 (NFSv4)
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
Def in ing and Descr ibing Bt r fs
Conf igur ing Sof t ware RAID
Conf igur ing Logical Volum e Managem ent (LVM)
Recognizing Tradit ional Linux File Syst em s
Def in ing and Descr ibing Bt r fs
Linux I /O St ack Overview
Bt r fs and Subvolum es
- All Btrfs volumes have an init ial subvolume "@"- You can subdivide the main volume into subvolumes
- Each subvolume is an individual Btrfs filesystem- Subvolumes appear to be directories
- Are mounted off the / or @ subvolume
Discover Default Subvolum es
$ sudo bt r f s subvol ume l i s t /I D 257 gen 18079 t op l evel 5 pat h @I D 258 gen 19648 t op l evel 257 pat h @/ varI D 259 gen 18079 t op l evel 257 pat h @/ usr / l ocal<. . . out put t r uncat ed . . . >
The Beaut y of Subvolum es
- Subvolumes can have separate attributes- Quotas, snapshot rules
- Can be nested within each other- Makes updating systems easier and safer
- Snapshots are done pre/post many system tasks- Makes software testing easier too
- Easy to script; makes iteration effortless
Disabling CoW
- Disable for super-busy volumes- Virtualized systems, databases, mail, logging
- Configure in / et c/ f st ab, using nodat acow option- Set individual files or directories with
$ chat t r +C <f i l e/ di r >Next
Storage Management
Back t o Main
Course Navigation
Recognizing Tradit ional Linux File Systems
Linux I/O Stack Overview
Configuring Logical Volume Management (LVM)
St orage Managem entSection 12
Configuring Software RAID
Defining and Describing Btrfs
Understanding Network File System Version 4 (NFSv4)
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
Def in ing and Descr ibing Bt r fs
Conf igur ing Sof t ware RAID
Conf igur ing Logical Volum e Managem ent (LVM)
Recognizing Tradit ional Linux File Syst em s
Def in ing and Descr ibing Bt r fs
Linux I /O St ack Overview
Snapshot s
- Btrfs uses snapshots for many system operations- Snapshot : Copy of the state of a subvolume at a given time
- Snapshots are independently mountable- Easiest way to clone a subvolume is to snapshot it
- Excludes some directories to reduce rollback data loss- / boot / gr ub*- / opt (keeps your third-party apps safe)- / home (if on the same subvolume as / )- / sr v (safeguards www and FTP data)- / t mp (all temporary directories excluded)- / usr / l ocal (usually contains manual installs)- / var (on separate subvolume, CoW disabled)
When YaST/Zypper installs packages, a pre and post snapshot are made. These can be marked as regular or important, such as kernel, last 10 of both kept. Enabled by default .
Inst allat ion
All admin tasks in YaST cause a pre and post snapshot to be made. These can be marked as regular or important, such as kernel, last 10 of both kept. Enabled by default .
Adm inist rat ion
A single snapshot per configured subvolume made every hour. First snapshots of last 10 days/months/years are kept. Disabled by default for / par t it ion.
Tim eline
Types of Snapshot s
Next
Storage Management
Back t o Main
Course Navigation
Recognizing Tradit ional Linux File Systems
Linux I/O Stack Overview
Configuring Logical Volume Management (LVM)
St orage Managem entSection 12
Configuring Software RAID
Defining and Describing Btrfs
Understanding Network File System Version 4 (NFSv4)
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
Def in ing and Descr ibing Bt r fs
Conf igur ing Sof t ware RAID
Conf igur ing Logical Volum e Managem ent (LVM)
Recognizing Tradit ional Linux File Syst em s
Def in ing and Descr ibing Bt r fs
Linux I /O St ack Overview
Not es about Snapshot s
- Btrfs volumes must be +16 GB for auto use of snapshots- Snapshots on non-/ volumes are disabled by default- Snapshots and original data both point to same blocks
- So an init ial snapshot takes no extra space- Only changed blocks are copied (see CoW part)
- Snapshots are completely configurable
Enable/Disable $ vi m / et c/ sysconf i g/ yast 2<. . . >USE_SNAPPER yes <- on by def aul t ; set t o no t o di sabl e>
Conf igur ing Adm inist rat ion Snapshot s
Enable$ sudo zypper i n snapper - zypp- pl ugi nDisable$ sudo zypper r m snapper - zypp- pl ugi n
Conf igur ing Inst allat ion Snapshot s
Enable$ sudo snapper - c r oot set - conf i g " TI MELI NE_CREATE=yes"Disable$ udo snapper - c r oot set - conf i g " TI MELI NE_CREATE=no"
Conf igur ing Tim eline Snapshot s
Next
Storage Management
Back t o Main
Course Navigation
Recognizing Tradit ional Linux File Systems
Linux I/O Stack Overview
Configuring Logical Volume Management (LVM)
St orage Managem entSection 12
Configuring Software RAID
Defining and Describing Btrfs
Understanding Network File System Version 4 (NFSv4)
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
Underst anding Net work File Syst em Version 4 (NFSv4)
Def in ing and Descr ibing Bt r fs
Conf igur ing Sof t ware RAID
Conf igur ing Logical Volum e Managem ent (LVM)
Recognizing Tradit ional Linux File Syst em s
Underst anding Net work File Syst em Version 4 (NFSv4)
Linux I /O St ack Overview
Net work File Syst em (NFS) Basics
- Designed for sharing data across networks- Part of the Linux kernel; easy to configure
- Uses the / et c/ expor t s file by default
- SLE 15 uses NFSv4; many improvements- Runs via Remote Procedure Call (RPC)- Depending on the use case:
- Can be a data directory- Home directory- Some or all of / usr- Entire systems
How NFS Shar ing Works
NFS Client
/home/user1
NFS Server
NFS Client
/home/user1
NFS Client
/home/user1
Next
Exported/home
Storage Management
Back t o Main
Course Navigation
Recognizing Tradit ional Linux File Systems
Linux I/O Stack Overview
Configuring Logical Volume Management (LVM)
St orage Managem entSection 12
Configuring Software RAID
Defining and Describing Btrfs
Understanding Network File System Version 4 (NFSv4)
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
Underst anding Net work File Syst em Version 4 (NFSv4)
Def in ing and Descr ibing Bt r fs
Conf igur ing Sof t ware RAID
Conf igur ing Logical Volum e Managem ent (LVM)
Recognizing Tradit ional Linux File Syst em s
Underst anding Net work File Syst em Version 4 (NFSv4)
Linux I /O St ack Overview
Ensure NFS Is Enabled and Started$ sudo syst emct l enabl e nf s$ sudo syst emct l st ar t nf s$ sudo syst emct l st at us nf s? nf s. ser vi ce - Al i as f or NFS cl i ent Loaded: l oaded ( / usr / l i b/ syst emd/ syst em/ nf s. ser vi ce; enabl ed; vendor pr eset : di sabl ed) Act i ve: act i ve ( exi t ed) s i nce Sun 2019- 12- 29 17: 16: 48 EST; 4s ago Pr ocess: 36913 ExecSt ar t =/ bi n/ t r ue ( code=exi t ed, st at us=SUCCESS) Mai n PI D: 36913 ( code=exi t ed, st at us=0/ SUCCESS)Dec 29 17: 16: 47 134 syst emd[ 1] : St ar t i ng Al i as f or NFS cl i ent . . .Dec 29 17: 16: 48 134 syst emd[ 1] : St ar t ed Al i as f or NFS cl i ent .
St ar t ing and St opping NFS
Edit the / et c/ expor t s File
/ expor t / di r name host s( opt i on, opt i on)/ expor t / somedi r keyst one( r w, sync, r oot _squash)
Expor t ing Shares via NFS
$ cat / var / l i b/ nf s/ et ab/ home 192. 168. 0. 0/ 24( r o, sync, wdel ay, hi de, nocr ossmnt , secur e,r oot _squash, no_al l _squash, no_subt r ee_check, secur e_l ocks, acl ,no_pnf s, anonui d=65534, anongi d=65534, sec=sys, r oot _squash,no_al l _squash)
Ver ifying Expor t s Local/Rem ot e
Next
Storage Management
Back t o Main
Course Navigation
Recognizing Tradit ional Linux File Systems
Linux I/O Stack Overview
Configuring Logical Volume Management (LVM)
St orage Managem entSection 12
Configuring Software RAID
Defining and Describing Btrfs
Understanding Network File System Version 4 (NFSv4)
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
Adm inist rat ion and Monit or ing
Section 13
Inst all ing SUSE Linux Ent erpr iseSection 14
Underst anding Net work File Syst em Version 4 (NFSv4)
Def in ing and Descr ibing Bt r fs
Conf igur ing Sof t ware RAID
Conf igur ing Logical Volum e Managem ent (LVM)
Recognizing Tradit ional Linux File Syst em s
Underst anding Net work File Syst em Version 4 (NFSv4)
Linux I /O St ack Overview
YaST NFS Server and Client
- Makes sharing easier than puzzling out via CLI- Makes connection easier for non-tech people
Back
Administration and Monitoring
Back t o Main
Course Navigation
Configuring System Logging
Understanding Time Sync with `chrony`
Understanding Supportconfig
Adm inist rat ion and Monit or ing
Section 13
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
St orage Managem entSection 12
Inst all ing SUSE Linux Ent erpr iseSection 14
ConclusionSection 15
Topics in t h is sect ion include:
- Underst anding Tim e Sync w it h `chrony`
- Conf igur ing Syst em Logging
- Underst anding Suppor t conf ig
Administration and Monitoring
Back t o Main
Course Navigation
Configuring System Logging
Understanding Time Sync with `chrony`
Understanding Supportconfig
Adm inist rat ion and Monit or ing
Section 13
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
St orage Managem entSection 12
Inst all ing SUSE Linux Ent erpr iseSection 14
ConclusionSection 15
Underst anding Tim e Sync w it h `chrony`
Underst anding Tim e Sync w it h `chrony`
- Network Time Protocol (NTP) is the standard- Many system actions require accurate t ime
- Synchronization- Security system - Financial transactions
Tim e Managem ent Overview
NTP Client
NTP
NTP
NTP
NTP Client
NTP
St rat um 1
St rat um 2
St rat um 3NTP
At om ic Clock
Next
Administration and Monitoring
Back t o Main
Course Navigation
Configuring System Logging
Understanding Time Sync with `chrony`
Understanding Supportconfig
Adm inist rat ion and Monit or ing
Section 13
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
St orage Managem entSection 12
Inst all ing SUSE Linux Ent erpr iseSection 14
ConclusionSection 15
Underst anding Tim e Sync w it h `chrony`
Underst anding Tim e Sync w it h `chrony`
- Tradit ional NTP service has been moved to Legacy
- On its way to obsolete
- Effective in SLE 15 all NTP is done by chrony
- Automatic conversion during upgrades
Tim e Syst em Changes in SLE 15
- Made up of client and server/daemon
- chr onyc - Client configuration, replaces ntp utilit ies
- chr onyd - systemd daemon/service, replaces ntpd
- Main configuration file
- / et c/ chr ony. conf
- Include directory
- / et c/ chr ony. d
The chrony Package
Next
Administration and Monitoring
Back t o Main
Course Navigation
Configuring System Logging
Understanding Time Sync with `chrony`
Understanding Supportconfig
Adm inist rat ion and Monit or ing
Section 13
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
St orage Managem entSection 12
Inst all ing SUSE Linux Ent erpr iseSection 14
ConclusionSection 15
Underst anding Tim e Sync w it h `chrony`
Underst anding Tim e Sync w it h `chrony`
- Set up authoritative t ime servers in / et c/ chr ony. confser ver t i ck. usno. navy. mi l
ser ver t ock. usno. navy. mi l
- Your organization may have time source policies
- Often requires use of corporate t ime servers
- Top-level servers will deny too-frequent queriers
Conf igur ing t he chronyd daem on
$ sudo syst emct l enabl e chr onyd
$ sudo syst emct l st ar t chr onyd
$ sudo syst emct l st at us chr onyd? chr onyd. ser vi ce - NTP cl i ent / ser ver
Loaded: l oaded ( / usr / l i b/ syst emd/ syst em/ chr onyd. ser vi ce;
enabl ed; vendor pr eset : di sabl ed)
Act i ve: act i ve ( r unni ng) s i nce Mon 2019- 12- 30 14: 49: 50 EST;
Docs: man: chr onyd( 8)
man: chr ony. conf ( 5)
Mai n PI D: 63705 ( chr onyd)
Tasks: 1 ( l i mi t : 19660)
CGr oup: / syst em. sl i ce/ chr onyd. ser vi ce
??63705 / usr / sbi n/ chr onyd
Enable/St ar t chrony daem on
Next
Administration and Monitoring
Back t o Main
Course Navigation
Configuring System Logging
Understanding Time Sync with `chrony`
Understanding Supportconfig
Adm inist rat ion and Monit or ing
Section 13
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
St orage Managem entSection 12
Inst all ing SUSE Linux Ent erpr iseSection 14
ConclusionSection 15
Underst anding Tim e Sync w it h `chrony`
Underst anding Tim e Sync w it h `chrony`
- The chronyd service must be running
Using t he chronyc client
$ chr onyc sour ces210 Number of sour ces = 2MS Name/ I P addr ess St r at um Pol l Reach Last Rx Last sampl e ========================================================================^+ 192. 5. 41. 40 1 8 377 194 - 434us[ - 2807us] +/ - 82ms^* 192. 5. 41. 41 1 8 377 198 - 9132us[ - 12ms] +/ - 72ms
$ chr onyc sour ces - v
- Temporary changes only
- All persistent changes must be in configuration files
- / et c/ chr ony. conf
- / et c/ chr ony. d/ *
Test and Tune chronyd w it h chronyc
Next
Administration and Monitoring
Back t o Main
Course Navigation
Configuring System Logging
Understanding Time Sync with `chrony`
Understanding Supportconfig
Adm inist rat ion and Monit or ing
Section 13
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
St orage Managem entSection 12
Inst all ing SUSE Linux Ent erpr iseSection 14
ConclusionSection 15
Conf igur ing Syst em Logging
Conf igur ing Syst em Logging
Underst anding Tim e Sync w it h `chrony`
- System logging is a key part of monitoring systems
- SLES 15 has two options, uses both
- rsyslog for main monitoring, advanced usage
- syst em d journal for local system-related logging
Syst em Logging Overview
- Designed for local system use only
- Missing many rsyslog-like features
- Can be set to forward to rsyslog (recommended)
Why Not Just Use syst em d journal?
Conf igur ing rsyslog
/ et c/ r sysl og. conf Main configuration file for rsyslogd
/ et c/ r sysl og. d Configuration include directory
/ et c/ sysconf i g/ sysl og Service Run-time Parameters
- Long established logging mechanism
- Used since the SLE 12 release
- Easily configured, steady and consistent
Logging w it h rsyslog
Next
Administration and Monitoring
Back t o Main
Course Navigation
Configuring System Logging
Understanding Time Sync with `chrony`
Understanding Supportconfig
Adm inist rat ion and Monit or ing
Section 13
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
St orage Managem entSection 12
Inst all ing SUSE Linux Ent erpr iseSection 14
ConclusionSection 15
Conf igur ing Syst em Logging
Conf igur ing Syst em Logging
Underst anding Tim e Sync w it h `chrony`
- At its heart, logging is made up of rules
Rules are made up of:
- Select or (set of messages)
- Facil i t ies.Pr ior it ies (explained further on)
- Act ions (what to do with them)
- Dest inat ion/Target (also explained further on)
Conf igur ing Logging Ent r ies
Filter Actionmai l . * - / var / l og/ mai l
Exam ple Logging Rule
Exam ple Select ors (Facil i t ies and Pr ior it ies)
Fi l t er Descr i pt i on
f ac. * Al l Pr i or i t i es except debug
f ac. pr i That pr i or i t y and hi gher
f ac. =pr i Just t hat pr i or i t y
f ac. ! pr i Al l pr i or i t i es BUT
f ac. * ; f ac. =pr i Mul t i pl e f ac wi t h di f f pr i l evel s
Next
Administration and Monitoring
Back t o Main
Course Navigation
Configuring System Logging
Understanding Time Sync with `chrony`
Understanding Supportconfig
Adm inist rat ion and Monit or ing
Section 13
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
St orage Managem entSection 12
Inst all ing SUSE Linux Ent erpr iseSection 14
ConclusionSection 15
Conf igur ing Syst em Logging
Conf igur ing Syst em Logging
Underst anding Tim e Sync w it h `chrony`
Facil i t ies (t h ink of as Cat egor ies or Channels)
Code Faci l i t y Descr i pt i on
0 ker n Ker nel messages
1 user User messages
2 mai l Mai l - r el at ed messages
3 daemon Syst em Daemon messages
4 aut h Secur i t y/ Aut hent i cat i on
5 sysl og ( r s) ysl og i nt er nal messages
9 cr on Cr on daemon messages
10 secur i t y Secur i t y/ Aut h messages
12 nt p NTP messages
16 l ocal 0 Local or cust om use
23 l ocal 7 Local or cust om use
Pr ior it ies (t h ink of as Sever it y of Messages)
Code Pr i or i t y Sever i t y
0 emer g Emer gency: syst em i s unusabl e
1 al er t Al er t : act i on must be t aken i mmedi at el y
2 cr i t Cr i t i cal : cr i t i cal condi t i ons
3 er r Er r or : er r or condi t i ons
4 war n War ni ng: war ni ng condi t i ons
Next
Administration and Monitoring
Back t o Main
Course Navigation
Configuring System Logging
Understanding Time Sync with `chrony`
Understanding Supportconfig
Adm inist rat ion and Monit or ing
Section 13
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
St orage Managem entSection 12
Inst all ing SUSE Linux Ent erpr iseSection 14
ConclusionSection 15
Conf igur ing Syst em Logging
Conf igur ing Syst em Logging
Underst anding Tim e Sync w it h `chrony`
Act ions You Can Log To
ACTI ON DESCRI PTI ON
Fi l e Regul ar f i l e, / f ul l / pat h/ t o/ f i l e
Named Pi pe Pr ef i x | / f ul l / pat h/ t o/ pi pe
TTY/ Consol e / dev/ t t y or / dev/ consol e
Remot e Syst em @I PAddr ess or @Host name
user 1, user 2 Li st of user s t o not i f y i f l ogged i n
* Not i f y al l l ogged i n user s
Dat abase Log ent r i es t o a t abl e
Out put Channel $mychannel , l i ke a var i abl e
Shel l Execut e ^pr ogr am- t o- exec
Next
Administration and Monitoring
Back t o Main
Course Navigation
Configuring System Logging
Understanding Time Sync with `chrony`
Understanding Supportconfig
Adm inist rat ion and Monit or ing
Section 13
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
St orage Managem entSection 12
Inst all ing SUSE Linux Ent erpr iseSection 14
ConclusionSection 15
Conf igur ing Syst em Logging
Conf igur ing Syst em Logging
Underst anding Tim e Sync w it h `chrony`
- If running a local-only system, no need for rsyslog- If rsyslog is installed and configured, syst em d will be
configured by default to forward entries to rsyslog
Work ing w it h syst em d journals
$ vi m / et c/ syst emd/ j our nal d. conf<. . . >St or age=per si st ent<. . . >
$ sudo syst emct l r est ar t j our nal d
Conf igure syst em d journal Persist ency
$ sudo j our nal ct l - k <Shows onl y l at est Ker nel ent r i es>
$ sudo j our nal ct l - u chr onyd<Shows ent r i es t hat mat ch t he syst emd chr ony uni t >
$ sudo j our nal ct l - - s i nce " t oday" - - unt i l " 4: 00"<Di spl ays ent r i es f r om 12: 00 AM unt i l 4: 00 AM>
Useful journalct l opt ions
$ vi m / et c/ syst emd/ j our nal d. conf<. . . >For war dToSysl og=yes<. . . >
$ sudo syst emct l r est ar t j our nal d
Conf igure journal Forwarding t o rsyslog
Next
Administration and Monitoring
Back t o Main
Course Navigation
Configuring System Logging
Understanding Time Sync with `chrony`
Understanding Supportconfig
Adm inist rat ion and Monit or ing
Section 13
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
St orage Managem entSection 12
Inst all ing SUSE Linux Ent erpr iseSection 14
ConclusionSection 15
Underst anding Suppor t conf ig
Conf igur ing Syst em Logging
Underst anding Suppor t conf ig
Underst anding Tim e Sync w it h `chrony`
- A method of collecting a detailed system report- Produces a .tar file of the results
- Located in / var / l og/ nt s_###_########. t bz- Necessary when opening a Support Request
- First thing you will be asked for
What is Suppor t conf ig?
$ su -$ suppor t conf i gGat her i ng syst em i nf or mat i on Dat a Di r ect or y: / var / l og/ nt s_134_191230_1727 Basi c Ser ver Heal t h Check. . . Done RPM Dat abase. . . Done Basi c Envi r onment . . . Done Syst em Modul es. . . Done Memor y Det ai l s. . . Done Di sk I / O. . . Done B- t r ee Fi l e Syst em. . . Done YaST Fi l es. . . Done Audi t i ng. . . Done Cr ash I nf o. . . Done Syst em Logs. . . Done <. . . >
Cr eat i ng Tar Bal l
==[ DONE ] ============================================ Log f i l e t ar bal l : / var / l og/ nt s_134_191230_1727. t bz Log f i l e s i ze: 1. 5M Log f i l e md5sum: ab258f 372b0e9r 92b5e1e406f 92a283- f======================================================
Generat ing a Suppor t conf ig t arball
Next
Administration and Monitoring
Back t o Main
Course Navigation
Configuring System Logging
Understanding Time Sync with `chrony`
Understanding Supportconfig
Adm inist rat ion and Monit or ing
Section 13
Sof t ware Managem ent
Section 10
Net work Managem entSection 11
St orage Managem entSection 12
Inst all ing SUSE Linux Ent erpr iseSection 14
ConclusionSection 15
Underst anding Suppor t conf ig
Conf igur ing Syst em Logging
Underst anding Suppor t conf ig
Underst anding Tim e Sync w it h `chrony`
- YaST -> Support Module -> Supportconfig
- Must be root user
- One-Stop-Shopping for:
- Service Requests
- Supportconfig tarballs
- Uploading tarballs
Using t he YaST Suppor t Module
Back