Sunday, May 3, 2015

reddit lab post 2 - install a spacewalk server

The second step in the reddit post involves installing a spacewalk server.  The instructions to do this are generally available at spacewalk.redhat.com under documentation > spacewalk wiki user doc.  The direct URL, which also lists the sizing options and pre-reqs that need to be met, is

https://fedorahosted.org/spacewalk/wiki/HowToInstall

One major note: if you're using the postgresql install, you need to have a fairly big mount point at /var/lib/pgsql, or the installation of spacewalk will stall instead of proceeding smoothly.  I sized mine to be 20GB, but that may be overkill.

After basic server setup, the general steps to install spacewalk with postgresql are below.

1. Install the spacewalk repository on your centos/rhel6 system
rpm -Uvh http://yum.spacewalkproject.org/2.3/RHEL/6/x86_64/spacewalk-repo-2.3-4.el6.noarch.rpm

2. Ensure you have the jpackage repo installed as well
cat > /etc/yum.repos.d/jpackage-generic.repo << EOF
[jpackage-generic]
name=JPackage generic
#baseurl=http://mirrors.dotsrc.org/pub/jpackage/5.0/generic/free/
mirrorlist=http://www.jpackage.org/mirrorlist.php?dist=generic&type=free&release=5.0
enabled=1
gpgcheck=1
gpgkey=http://www.jpackage.org/jpackage.asc
EOF

3. Run the command yum install spacewalk-setup-postgresql to obtain the spacewalk database setup program

4. Install the spacewalk application using yum install spacewalk-postgresql

5.  Run spacewalk-setup --disconnected to complete the spacewalk setup.
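
Two checks that follow from the notes above, as an added example (not part of the original post or the spacewalk documentation): list repo sections that do not turn on package signature checking, and confirm the database mount point has room before the install starts. The function names and the constructed lab-local repo are assumptions.

```shell
#!/bin/sh
# Added example: pre-flight checks to run before "yum install spacewalk-postgresql".
# Function names are hypothetical; this is not spacewalk tooling.

# List "file:[section]" for repo sections that do not explicitly set gpgcheck=1.
# A section without the key inherits gpgcheck from [main] in /etc/yum.conf.
# $1 = directory of *.repo files (normally /etc/yum.repos.d)
unsigned_repos() {
    for f in "$1"/*.repo; do
        [ -f "$f" ] || continue
        awk -v file="${f##*/}" '
            function report() { if (sect != "" && !ok) print file ":" sect }
            /^[ \t]*\[/ { report(); sect = $1; ok = 0; next }
            /^[ \t]*gpgcheck[ \t]*=[ \t]*1[ \t]*$/ { ok = 1 }
            END { report() }
        ' "$f"
    done
}

# Succeed when the filesystem holding $1 has at least $2 GB available.
has_free_gb() {
    avail_kb=$(df -Pk "$1" 2>/dev/null | awk 'NR == 2 { print $4 }')
    [ -n "$avail_kb" ] && [ "$avail_kb" -ge $(( $2 * 1024 * 1024 )) ]
}

# Demo on constructed repo files (the second one is deliberately unsigned).
demo=$(mktemp -d)
cat > "$demo/jpackage-generic.repo" << 'EOF'
[jpackage-generic]
name=JPackage generic
enabled=1
gpgcheck=1
gpgkey=http://www.jpackage.org/jpackage.asc
EOF
cat > "$demo/lab-local.repo" << 'EOF'
[lab-local]
name=Constructed sample repo
enabled=1
gpgcheck=0
EOF
echo "Repos without gpgcheck=1:"; unsigned_repos "$demo"
# On the real host: unsigned_repos /etc/yum.repos.d; has_free_gb /var/lib/pgsql 20
if has_free_gb "$demo" 1; then echo "at least 1 GB free under $demo"; fi
rm -rf "$demo"
```
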

Monday, April 20, 2015

reddit lab post 1 - setup a KVM hypervisor

For people looking to become systems administrators, one of the first steps listed in the reddit post involves installing a KVM hypervisor.  This is a neat, easy-to-use hypervisor that works with the centos/redhat OS with minimal installation.  But to install it, you first must install centos 6/rhel 6.  One big thing to take note of when doing this install is that VM images are stored by default in /var/lib/libvirt/images.  You'll really want to dedicate a big partition to that directory.  A lot of your storage could very well be needed for the /var mount point.

After installing the VM, you can find the packages needed to get KVM running as group packages.  You can see the available packages by running the yum grouplist virt* command as below

[root@dns1 ~]# yum grouplist virt*
Loaded plugins: fastestmirror, refresh-packagekit, security
Setting up Group Process
Loading mirror speeds from cached hostfile
 * Webmin: download.webmin.com
 * base: mirror.us.leaseweb.net
 * extras: mirror.team-cymru.org
 * updates: mirror.5ninesolutions.com
Available Groups:
   Virtualization
   Virtualization Client
   Virtualization Platform
   Virtualization Tools
Done

The main packages associated with virtualization are qemu-kvm, python-virtinst, virt-manager, virt-top, virt-viewer, libvirt, and libvirt-client as described in chapter 2 of Jang's RHCSA/RHCE book.  But I typically will just install all packages in the group by running

 yum groupinstall "Virtualization" "Virtualization Client" "Virtualization Platform" "Virtualization Tools"

After this, you'll find a "Virtual Machine Manager" you can use in the GNOME desktop.  This is the main tool you'll want to use for configuring VMs.  I would go in here immediately and configure your virtual networks as needed.  The default VM network will use the subnet 192.168.122.0/24 with DHCP taking up the full subnet.  I normally will reduce that severely when practicing so I can assign IPs as needed.
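
The same reduction of the DHCP pool can be done from the command line; the following is an added example, not part of the original post. The helper names, the .100-.150 pool and the sample XML (constructed in the shape that virsh net-dumpxml prints) are assumptions.

```shell
#!/bin/sh
# Added example: shrink the DHCP pool in a libvirt network definition so the
# rest of 192.168.122.0/24 stays free for static IPs. Helper names and the
# .100-.150 pool are assumptions chosen for illustration.

# Succeed when $1 and $2 share everything before the last dot and their last
# octets form an ascending range within 2..254 (.1 is assumed to be the
# virbr0 gateway address).
valid_pool() {
    case "$1$2" in *[!0-9.]*) return 1 ;; esac
    [ "${1%.*}" = "${2%.*}" ] || return 1
    s=${1##*.}; e=${2##*.}
    [ -n "$s" ] && [ -n "$e" ] && [ "$s" -ge 2 ] && [ "$e" -le 254 ] && [ "$s" -le "$e" ]
}

# Print the XML in file $1 with its <range> rewritten to $2..$3.
narrow_dhcp_range() {
    valid_pool "$2" "$3" || { echo "bad pool: $2-$3" >&2; return 1; }
    sed -E "s|(<range[ ]+start=[\"'])[^\"']*([\"'][ ]+end=[\"'])[^\"']*([\"'])|\1$2\2$3\3|" "$1"
}

# Constructed sample in the shape "virsh net-dumpxml default" produces.
xml=$(mktemp)
cat > "$xml" << 'EOF'
<network>
  <name>default</name>
  <forward mode='nat'/>
  <bridge name='virbr0' stp='on' delay='0'/>
  <ip address='192.168.122.1' netmask='255.255.255.0'>
    <dhcp>
      <range start='192.168.122.2' end='192.168.122.254'/>
    </dhcp>
  </ip>
</network>
EOF
narrow_dhcp_range "$xml" 192.168.122.100 192.168.122.150
rm -f "$xml"

# On the hypervisor, the same edit is applied with:
#   virsh net-dumpxml default > default.xml
#   narrow_dhcp_range default.xml 192.168.122.100 192.168.122.150 > new.xml
#   virsh net-define new.xml && virsh net-destroy default && virsh net-start default
```
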


Aside:
For this project, I will be using a preinstalled version of VMware ESXi 5.5 free.  It's something that's again pretty easy to install and configure, but there are a lot of options and setup required beyond the scope of this blog.

Saturday, March 28, 2015

Opening Post: A roadmap

I will be preparing for the RHCE exam on rhel6 this year and wanted to make a blog to track my progress.  My main study tool will be Michael Jang's RHCE certification guide starting at chapter 10.  In the course of this study, I also intend to complete a lab build that's outlined in the following post on reddit.

https://www.reddit.com/r/linuxadmin/comments/2s924h/how_did_you_get_your_start/

As I go through each step of the lab buildout, I'll try my best to document with pictures how to work with each application/service, mainly for the sake of remembering what was done/how to configure the services come exam time. 

"
This is what I tell people to do, who ask me "how do I learn to be a Linux sysadmin?".
1) Set up a KVM hypervisor.

2) Inside of that KVM hypervisor, install a Spacewalk server. Use CentOS 6 as the distro for all work below. (For bonus points, set up errata importation on the CentOS channels, so you can properly see security update advisory information.)

3) Create a VM to provide named and dhcpd service to your entire environment. Set up the dhcp daemon to use the Spacewalk server as the pxeboot machine (thus allowing you to use Cobbler to do unattended OS installs). Make sure that every forward zone you create has a reverse zone associated with it. Use something like "internal.virtnet" (but not ".local") as your internal DNS zone.

4) Use that Spacewalk server to automatically (without touching it) install a new pair of OS instances, with which you will then create a Master/Master pair of LDAP servers. Make sure they register with the Spacewalk server. Do not allow anonymous bind, do not use unencrypted LDAP.

5) Reconfigure all 3 servers to use LDAP authentication.

6) Create two new VMs, again unattendedly, which will then be Postgresql VMs. Use pgpool-II to set up master/master replication between them. Export the database from your Spacewalk server and import it into the new pgsql cluster. Reconfigure your Spacewalk instance to run off of that server.

7) Set up a Puppet Master. Plug it into the Spacewalk server for identifying the inventory it will need to work with. (Cheat and use ansible for deployment purposes, again plugging into the Spacewalk server.)

8) Deploy another VM. Install iscsitgt and nfs-kernel-server on it. Export a LUN and an NFS share.

9) Deploy another VM. Install bacula on it, using the postgresql cluster to store its database. Register each machine on it, storing to flatfile. Store the bacula VM's image on the iscsi LUN, and every other machine on the NFS share.

10) Deploy two more VMs. These will have httpd (Apache2) on them. Leave essentially default for now.

11) Deploy two more VMs. These will have tomcat on them. Use JBoss Cache to replicate the session caches between them. Use the httpd servers as the frontends for this. The application you will run is JBoss Wiki.

12) You guessed right, deploy another VM. This will do iptables-based NAT/round-robin loadbalancing between the two httpd servers.

13) Deploy another VM. On this VM, install postfix. Set it up to use a gmail account to allow you to have it send emails, and receive messages only from your internal network.

14) Deploy another VM. On this VM, set up a Nagios server. Have it use snmp to monitor the communication state of every relevant service involved above. This means doing a "is the right port open" check, and a "I got the right kind of response" check and "We still have filesystem space free" check.

15) Deploy another VM. On this VM, set up a syslog daemon to listen to every other server's input. Reconfigure each other server to send their logging output to various files on the syslog server. (For extra credit, set up logstash or kibana or graylog to parse those logs.)

16) Document every last step you did in getting to this point in your brand new Wiki.

17) Now go back and create Puppet Manifests to ensure that every last one of these machines is authenticating to the LDAP servers, registered to the Spacewalk server, and backed up by the bacula server.

18) Now go back, reference your documents, and set up a Puppet Razor profile that hooks into each of these things to allow you to recreate, from scratch, each individual server.

19) Destroy every secondary machine you've created and use the above profile to recreate them, joining them to the clusters as needed.

20) Bonus exercise: create three more VMs. A CentOS 5, 6, and 7 machine. On each of these machines, set them up to allow you to create custom RPMs and import them into the Spacewalk server instance. Ensure your Puppet configurations work for all three and produce like-for-like behaviors.


Do these things and you will be fully exposed to every aspect of Linux Enterprise systems administration. Do them well and you will have the technical expertise required to seek "Senior" roles. If you go whole-hog crash-course full-time it with no other means of income, I would expect it would take between 3 and 6 months to go from "I think I'm good with computers" to achieving all of these -- assuming you're not afraid of IRC and google (and have neither friends nor family ...)."