medusa/the_information_nexus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add tech_docs/lab/rhcsa_lab.md

Browse Source
This commit is contained in:
medusa
2024-09-26 03:10:27 +00:00
parent fd7f0e6701
commit c6f3ace1d4
1 changed files with 215 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

215
tech_docs/lab/rhcsa_lab.md Normal file
View File

@@ -0,0 +1,215 @@
# **Advanced Rocky Linux Lab Setup: A Complete Guide for Virtualization, Automation, and Networking**
This guide takes you from a minimal installation of Rocky Linux to a fully equipped, advanced lab environment. It includes virtualization, automation with Ansible, advanced networking, Python setup, and security configurations. By the end, your system will be ready to handle complex virtual machine labs, networking tasks, and resource monitoring.
---
## **Step 1: System Update and Repository Configuration**
Ensure your system is fully up to date and configure the necessary repositories for development tools and virtualization software.
```bash
# Update the system
sudo dnf update -y
# Enable CodeReady Builder (CRB) repository for development packages
sudo dnf config-manager --set-enabled crb
# Add HashiCorp repository for Vagrant
sudo dnf config-manager --add-repo https://rpm.releases.hashicorp.com/RHEL/hashicorp.repo
# Refresh metadata cache
sudo dnf makecache
```
---
## **Step 2: Install Required Tools in One Command**
Install all essential tools in a single command, including virtualization (KVM and libvirt), development tools, Vagrant, Ansible, Python, and monitoring utilities.
```bash
sudo dnf install -y \
qemu-kvm \
libvirt \
libvirt-daemon-driver-qemu \
libvirt-devel \
vagrant \
ruby-devel \
gcc \
ansible \
python3 \
python3-pip \
bridge-utils \
net-tools \
wget \
curl \
vim \
git \
htop \
iotop \
iftop \
firewalld \
unzip
```
---
## **Step 3: Enable and Start Necessary Services**
Ensure that virtualization and firewall services are enabled and running, and set up your user for libvirt management.
```bash
# Enable and start libvirt for virtualization
sudo systemctl enable --now libvirtd
# Enable and start firewalld for network security
sudo systemctl enable --now firewalld
# Add your user to the libvirt group to manage VMs without root privileges
sudo usermod -aG libvirt $USER
newgrp libvirt # Refresh group membership without logging out
```
---
## **Step 4: Install Vagrant Plugins and Python Tools**
Install the **vagrant-libvirt** plugin to enable VM management using libvirt, and ensure Python package management is ready.
```bash
# Install Vagrant libvirt plugin
vagrant plugin install vagrant-libvirt
# Ensure pip is ready for Python package management
python3 -m pip install --upgrade pip
```
---
## **Step 5: Create and Run Virtual Machines**
Set up and run multiple virtual machines using **Vagrant** and **libvirt**.
1. **Create a Vagrant project**:
```bash
mkdir ~/vagrant-lab
cd ~/vagrant-lab
vagrant init generic/rocky9
```
2. **Modify your Vagrantfile** to set up multiple VMs with different configurations:
```ruby
Vagrant.configure("2") do |config|
config.vm.box = "generic/rocky9"
# Web server VM
config.vm.define "web" do |web|
web.vm.provider "libvirt" do |libvirt|
libvirt.memory = 2048
libvirt.cpus = 2
end
web.vm.network "private_network", type: "dhcp"
web.vm.hostname = "webserver"
end
# Database server VM
config.vm.define "db" do |db|
db.vm.provider "libvirt" do |libvirt|
libvirt.memory = 4096
libvirt.cpus = 2
end
db.vm.network "private_network", type: "dhcp"
db.vm.hostname = "dbserver"
end
end
```
3. **Bring up the VMs**:
```bash
vagrant up --provider=libvirt
```
---
## **Step 6: Verify Virtualization and Networking**
Check that the virtual machines are running properly and verify network configuration.
1. **List running virtual machines**:
```bash
sudo virsh list --all
```
2. **Check network interfaces and bridge setup**:
```bash
ip a
```
---
## **Step 7: Test Ansible and Python Setup**
Ensure **Ansible** and **Python** are correctly installed and functional.
1. **Check Ansible version**:
```bash
ansible --version
```
2. **Test Python and pip**:
```bash
python3 --version
pip3 --version
```
---
## **Step 8: Configure Security**
Set up firewall and SELinux to secure your environment.
1. **Allow web traffic on firewalld**:
```bash
sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --reload
```
2. **Enable SELinux for web services**:
```bash
sudo setsebool -P httpd_can_network_connect on
```
---
## **Final Notes**
- **Monitoring Tools**: Use `htop`, `iotop`, and `iftop` to monitor CPU, disk, and network usage.
- **Networking**: Advanced network configurations can be done using **bridge-utils**.
- **Storage**: Use **LVM** inside your VMs to practice logical volume management.
- **Automation**: Test further automation tasks using **Ansible** for system provisioning.
---
### **Summary of Key Commands**
```bash
# System update, enabling repositories, and cache refresh
sudo dnf update -y
sudo dnf config-manager --set-enabled crb
sudo dnf config-manager --add-repo https://rpm.releases.hashicorp.com/RHEL/hashicorp.repo
sudo dnf makecache
# Install all necessary packages
sudo dnf install -y qemu-kvm libvirt libvirt-daemon-driver-qemu libvirt-devel vagrant ruby-devel gcc ansible python3 python3-pip \
bridge-utils net-tools wget curl vim git htop iotop iftop firewalld unzip
# Enable and start services
sudo systemctl enable --now libvirtd
sudo systemctl enable --now firewalld
sudo usermod -aG libvirt $USER
newgrp libvirt
# Install vagrant-libvirt plugin
vagrant plugin install vagrant-libvirt
# Test Python and Ansible
python3 --version
pip3 --version
ansible --version
```
---
This guide provides a fully detailed and streamlined approach for setting up an advanced lab environment on Rocky Linux, combining all necessary tools, services, and configurations into a coherent, efficient workflow. Let me know if any further adjustments are needed!