This shows you the differences between two versions of the page.
Next revision | Previous revision | ||
documentation:server-install-os [2018/06/25 23:56] mpospisek created |
documentation:server-install-os [2019/08/01 09:09] tjotov removed |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== Operating system install ====== | ||
- | ===== CentOS 7 Minimal Install | + | |
+ | ====== Operating System Installation ====== | ||
+ | |||
+ | ==== CentOS 7 Minimal Install ==== | ||
Please use CentOS 7 Minimal Install DVD image. See e.g. ftp:// | Please use CentOS 7 Minimal Install DVD image. See e.g. ftp:// | ||
Line 12: | Line 14: | ||
<codedoc code: | <codedoc code: | ||
- | [root@AIM-4 ~]# fdisk -l | + | # fdisk -l |
Disk /dev/sda: 25.8 GB, 25769803776 bytes, 50331648 sectors | Disk /dev/sda: 25.8 GB, 25769803776 bytes, 50331648 sectors | ||
Line 29: | Line 31: | ||
Sector size (logical/ | Sector size (logical/ | ||
I/O size (minimum/ | I/O size (minimum/ | ||
- | |||
Disk / | Disk / | ||
Line 36: | Line 37: | ||
I/O size (minimum/ | I/O size (minimum/ | ||
</ | </ | ||
- | |||
- | Base environment | + | **yum settings and OS update** |
- | + | ||
- | SSH keys | + | |
<codedoc code: | <codedoc code: | ||
- | ssh-keygen -t rsa | + | vi / |
</ | </ | ||
- | yum settings and OS update | + | <sxh bash> |
- | <codedoc code:bash> | + | proxy=http://yourproxy.domain.com: |
- | vi /etc/yum.conf | + | http_proxy=http:// |
+ | https_proxy=http:// | ||
+ | </ | ||
- | # proxy=http:// | + | ==== Base environment ==== |
- | # http_proxy=http:// | + | **SSH keys** |
- | + | <codedoc code:bash> | |
- | # https_proxy=http: | + | ssh-keygen -t rsa |
+ | </codedoc> | ||
- | yum update | + | **Useful utilities** |
+ | <codedoc code: | ||
+ | ~~codedoc: | ||
</ | </ | ||
- | Useful utilities | + | **System time** |
- | <codedoc code: | + | |
- | yum install wget mc net-tools | + | |
- | </ | + | |
- | Time synchronization | ||
<codedoc code: | <codedoc code: | ||
yum install ntp | yum install ntp | ||
- | # add suitable NTP server | + | # add suitable NTP server |
vi / | vi / | ||
+ | </ | ||
+ | |||
+ | <sxh bash; first-line: | ||
+ | # Use public servers from the pool.ntp.org project. | ||
+ | # Please consider joining the pool (http:// | ||
+ | server ntp.globe.cz | ||
+ | server 0.centos.pool.ntp.org iburst | ||
+ | server 1.centos.pool.ntp.org iburst | ||
+ | server 2.centos.pool.ntp.org iburst | ||
+ | server 3.centos.pool.ntp.org iburst | ||
+ | </ | ||
+ | <codedoc code: | ||
echo '30 * * * * root / | echo '30 * * * * root / | ||
</ | </ | ||
- | VMware tools, if needed | + | ==== VMware tools ==== |
+ | ... if needed | ||
<codedoc code: | <codedoc code: | ||
yum install open-vm-tools | yum install open-vm-tools | ||
Line 80: | Line 91: | ||
</ | </ | ||
- | Replace firewalld with iptables | + | ==== Replace firewalld with iptables |
<codedoc code: | <codedoc code: | ||
yum install iptables-services | yum install iptables-services | ||
vi / | vi / | ||
- | + | </ | |
+ | |||
+ | <sxh bash> | ||
# Firewall configuration written by system-config-firewall | # Firewall configuration written by system-config-firewall | ||
# Manual customization of this file is not recommended. | # Manual customization of this file is not recommended. | ||
Line 108: | Line 122: | ||
-A FORWARD -j REJECT --reject-with icmp-host-prohibited | -A FORWARD -j REJECT --reject-with icmp-host-prohibited | ||
COMMIT | COMMIT | ||
- | + | </ | |
- | # systemctl stop firewalld.service | + | |
- | # systemctl disable firewalld.service | + | Next, execute the folowing: |
- | # systemctl enable iptables.service | + | <codedoc code: |
- | # systemctl start iptables.service | + | systemctl stop firewalld.service |
+ | systemctl disable firewalld.service | ||
+ | systemctl enable iptables.service | ||
+ | systemctl start iptables.service | ||
</ | </ | ||
- | selinux | + | ==== selinux |
<codedoc code: | <codedoc code: | ||
# TBD | # TBD | ||
Line 121: | Line 139: | ||
vi / | vi / | ||
- | + | </ | |
+ | |||
+ | <sxh bash; highlight: [6]> | ||
+ | # This file controls the state of SELinux on the system. | ||
+ | # SELINUX= can take one of these three values: | ||
+ | # | ||
+ | # | ||
+ | # | ||
SELINUX=permissive | SELINUX=permissive | ||
+ | # SELINUXTYPE= can take one of three two values: | ||
+ | # | ||
+ | # | ||
+ | # mls - Multi Level Security protection. | ||
+ | SELINUXTYPE=targeted | ||
+ | </ | ||
+ | ==== Restart ==== | ||
+ | |||
+ | <codedoc code: | ||
init 6 | init 6 | ||
</ | </ | ||