medusa/the_information_nexus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update tech_docs/lab/rhcsa_lab.md

Browse Source
This commit is contained in:
medusa
2024-09-26 03:17:17 +00:00
parent c6f3ace1d4
commit 7f41fdad98
1 changed files with 136 additions and 61 deletions
Download Patch File Download Diff File Expand all files Collapse all files

195
tech_docs/lab/rhcsa_lab.md
View File

@@ -1,30 +1,43 @@
# **Advanced Rocky Linux Lab Setup: A Complete Guide for Virtualization, Automation, and Networking** # **Complete Rocky Linux Lab Setup: Virtualization, Automation, and Networking**
This guide takes you from a minimal installation of Rocky Linux to a fully equipped, advanced lab environment. It includes virtualization, automation with Ansible, advanced networking, Python setup, and security configurations. By the end, your system will be ready to handle complex virtual machine labs, networking tasks, and resource monitoring. This guide provides a step-by-step process for setting up an advanced lab environment on Rocky Linux, including virtualization, automation, networking, security, and monitoring. It covers everything from system preparation to multi-VM setups using Vagrant and libvirt.
--- ---
## **Step 1: System Update and Repository Configuration** ## **Step 1: System Update and Repository Configuration**
Ensure your system is fully up to date and configure the necessary repositories for development tools and virtualization software.
```bash Start by updating your system and configuring necessary repositories.
# Update the system
sudo dnf update -y
# Enable CodeReady Builder (CRB) repository for development packages 1. **Update the system**:
sudo dnf config-manager --set-enabled crb ```bash
sudo dnf update -y
```
# Add HashiCorp repository for Vagrant 2. **Enable the CodeReady Builder (CRB) repository**:
sudo dnf config-manager --add-repo https://rpm.releases.hashicorp.com/RHEL/hashicorp.repo ```bash
sudo dnf config-manager --set-enabled crb
```
# Refresh metadata cache 3. **Add the HashiCorp repository for Vagrant**:
sudo dnf makecache ```bash
``` sudo dnf config-manager --add-repo https://rpm.releases.hashicorp.com/RHEL/hashicorp.repo
```
4. **Import the GPG key for security** (optional but recommended):
```bash
sudo rpm --import https://rpm.releases.hashicorp.com/gpg
```
5. **Refresh the package cache**:
```bash
sudo dnf makecache
```
--- ---
## **Step 2: Install Required Tools in One Command** ## **Step 2: Install Required Tools**
Install all essential tools in a single command, including virtualization (KVM and libvirt), development tools, Vagrant, Ansible, Python, and monitoring utilities.
Install all necessary packages for virtualization, development, automation, and monitoring tools.
```bash ```bash
sudo dnf install -y \ sudo dnf install -y \
@@ -48,53 +61,78 @@ sudo dnf install -y \
iotop \ iotop \
iftop \ iftop \
firewalld \ firewalld \
unzip unzip \
kernel-devel \
kernel-headers
```
**Optional**: For a full development environment, install the complete "Development Tools" group:
```bash
sudo dnf groupinstall -y "Development Tools"
``` ```
--- ---
## **Step 3: Enable and Start Necessary Services** ## **Step 3: Enable and Start Services**
Ensure that virtualization and firewall services are enabled and running, and set up your user for libvirt management.
```bash Ensure the essential services for virtualization and security are running, and update your user permissions for VM management.
# Enable and start libvirt for virtualization
sudo systemctl enable --now libvirtd
# Enable and start firewalld for network security 1. **Enable and start libvirt**:
sudo systemctl enable --now firewalld ```bash
sudo systemctl enable --now libvirtd
```
# Add your user to the libvirt group to manage VMs without root privileges 2. **Enable and start firewalld**:
sudo usermod -aG libvirt $USER ```bash
newgrp libvirt # Refresh group membership without logging out sudo systemctl enable --now firewalld
``` ```
3. **Add your user to the `libvirt` group**:
```bash
sudo usermod -aG libvirt $USER
```
4. **Log out and log back in** or run the following command to apply group membership:
```bash
newgrp libvirt
```
--- ---
## **Step 4: Install Vagrant Plugins and Python Tools** ## **Step 4: Install Vagrant Plugins and Python Setup**
Install the **vagrant-libvirt** plugin to enable VM management using libvirt, and ensure Python package management is ready.
```bash Install the **vagrant-libvirt** plugin and ensure **Python** is fully set up.
# Install Vagrant libvirt plugin
vagrant plugin install vagrant-libvirt
# Ensure pip is ready for Python package management 1. **Install the vagrant-libvirt plugin**:
python3 -m pip install --upgrade pip ```bash
``` vagrant plugin install vagrant-libvirt
```
2. **Ensure pip is upgraded**:
```bash
python3 -m pip install --upgrade pip
```
3. **Optional**: Use Python virtual environments to avoid affecting system-wide packages:
```bash
python3 -m venv ~/venv
source ~/venv/bin/activate
```
--- ---
## **Step 5: Create and Run Virtual Machines** ## **Step 5: Create and Run Virtual Machines**
Set up and run multiple virtual machines using **Vagrant** and **libvirt**.
1. **Create a Vagrant project**: Now that everything is installed, set up and run multiple virtual machines using Vagrant.
1. **Create a Vagrant project directory and initialize**:
```bash ```bash
mkdir ~/vagrant-lab mkdir ~/vagrant-lab
cd ~/vagrant-lab cd ~/vagrant-lab
vagrant init generic/rocky9 vagrant init generic/rocky9
``` ```
2. **Modify your Vagrantfile** to set up multiple VMs with different configurations: 2. **Modify the Vagrantfile** for a multi-VM setup (web and database servers):
```ruby ```ruby
Vagrant.configure("2") do |config| Vagrant.configure("2") do |config|
config.vm.box = "generic/rocky9" config.vm.box = "generic/rocky9"
@@ -105,7 +143,7 @@ Set up and run multiple virtual machines using **Vagrant** and **libvirt**.
libvirt.memory = 2048 libvirt.memory = 2048
libvirt.cpus = 2 libvirt.cpus = 2
end end
web.vm.network "private_network", type: "dhcp" web.vm.network "private_network", ip: "192.168.56.10"
web.vm.hostname = "webserver" web.vm.hostname = "webserver"
end end
@@ -115,7 +153,7 @@ Set up and run multiple virtual machines using **Vagrant** and **libvirt**.
libvirt.memory = 4096 libvirt.memory = 4096
libvirt.cpus = 2 libvirt.cpus = 2
end end
db.vm.network "private_network", type: "dhcp" db.vm.network "private_network", ip: "192.168.56.11"
db.vm.hostname = "dbserver" db.vm.hostname = "dbserver"
end end
end end
@@ -126,25 +164,38 @@ Set up and run multiple virtual machines using **Vagrant** and **libvirt**.
vagrant up --provider=libvirt vagrant up --provider=libvirt
``` ```
4. **SSH into the VMs**:
```bash
vagrant ssh web
vagrant ssh db
```
--- ---
## **Step 6: Verify Virtualization and Networking** ## **Step 6: Verify Virtualization and Networking**
Check that the virtual machines are running properly and verify network configuration.
Ensure the virtual machines are running correctly and networked.
1. **List running virtual machines**: 1. **List running virtual machines**:
```bash ```bash
sudo virsh list --all sudo virsh list --all
``` ```
2. **Check network interfaces and bridge setup**: 2. **Check network interfaces**:
```bash ```bash
ip a ip a
``` ```
3. **Verify that the `virbr0` bridge is active**:
```bash
ip link show virbr0
```
--- ---
## **Step 7: Test Ansible and Python Setup** ## **Step 7: Test Ansible and Python Setup**
Ensure **Ansible** and **Python** are correctly installed and functional.
Verify that Ansible and Python are ready for automation tasks.
1. **Check Ansible version**: 1. **Check Ansible version**:
```bash ```bash
@@ -157,10 +208,20 @@ Ensure **Ansible** and **Python** are correctly installed and functional.
pip3 --version pip3 --version
``` ```
3. **Create an Ansible inventory file for the VMs**:
```ini
[webservers]
webserver ansible_host=192.168.56.10 ansible_user=vagrant ansible_private_key_file=.vagrant/machines/web/libvirt/private_key
[dbservers]
dbserver ansible_host=192.168.56.11 ansible_user=vagrant ansible_private_key_file=.vagrant/machines/db/libvirt/private_key
```
--- ---
## **Step 8: Configure Security** ## **Step 8: Configure Security**
Set up firewall and SELinux to secure your environment.
Set up firewalld and SELinux to secure your environment.
1. **Allow web traffic on firewalld**: 1. **Allow web traffic on firewalld**:
```bash ```bash
@@ -175,31 +236,49 @@ Set up firewall and SELinux to secure your environment.
--- ---
## **Final Notes** ## **Additional Suggestions**
- **Monitoring Tools**: Use `htop`, `iotop`, and `iftop` to monitor CPU, disk, and network usage.
- **Networking**: Advanced network configurations can be done using **bridge-utils**. - **Automate VM Provisioning**: Use Ansible playbooks to install services on the VMs. For example:
- **Storage**: Use **LVM** inside your VMs to practice logical volume management. ```yaml
- **Automation**: Test further automation tasks using **Ansible** for system provisioning. ---
- hosts: webservers
tasks:
- name: Install Apache
yum:
name: httpd
state: present
- name: Start Apache
service:
name: httpd
state: started
enabled: true
```
- **Configure Static IPs**: This is useful for consistent VM addresses.
- **Resource Monitoring**: Use `htop`, `iotop`, and `iftop` inside the VMs for CPU, disk, and network monitoring.
--- ---
### **Summary of Key Commands** ## **Summary of Key Commands**
```bash ```bash
# System update, enabling repositories, and cache refresh # System update and repository configuration
sudo dnf update -y sudo dnf update -y
sudo dnf config-manager --set-enabled crb sudo dnf config-manager --set-enabled crb
sudo dnf config-manager --add-repo https://rpm.releases.hashicorp.com/RHEL/hashicorp.repo sudo dnf config-manager --add-repo https://rpm.releases.hashicorp.com/RHEL/hashicorp.repo
sudo rpm --import https://rpm.releases.hashicorp.com/gpg
sudo dnf makecache sudo dnf makecache
# Install all necessary packages # Install necessary packages
sudo dnf install -y qemu-kvm libvirt libvirt-daemon-driver-qemu libvirt-devel vagrant ruby-devel gcc ansible python3 python3-pip \ sudo dnf install -y qemu-kvm libvirt libvirt-daemon-driver-qemu libvirt-devel vagrant ansible python3 python3-pip \
bridge-utils net-tools wget curl vim git htop iotop iftop firewalld unzip bridge-utils net-tools wget curl vim git htop iotop iftop firewalld unzip kernel-devel kernel-headers
# Enable and start services # Enable and start services
sudo systemctl enable --now libvirtd sudo systemctl enable --now libvirtd
sudo systemctl enable --now firewalld sudo systemctl enable --now firewalld
sudo usermod -aG libvirt $USER sudo usermod -aG libvirt $USER
newgrp libvirt # Log out and log back in or use `newgrp libvirt`
# Install vagrant-libvirt plugin # Install vagrant-libvirt plugin
vagrant plugin install vagrant-libvirt vagrant plugin install vagrant-libvirt
@@ -209,7 +288,3 @@ python3 --version
pip3 --version pip3 --version
ansible --version ansible --version
``` ```
---
This guide provides a fully detailed and streamlined approach for setting up an advanced lab environment on Rocky Linux, combining all necessary tools, services, and configurations into a coherent, efficient workflow. Let me know if any further adjustments are needed!