Logical Volume Manager (LVM) is a device mapper target that provides logical volume management for the Linux kernel. LVM allows to create Logical Volumes from underlying Physical Hard Disks (Physiacal Volumes). Logical Volumes can be easily extended and shrunk according to the file system capacity demands.
Physical Volume (PV): underlying physical storage for LVM. These are most often physical hard disks, but also can be: partitions, RAID volumes, etc…
Volume Group (VG): storage pool, created from one or more Physical Volumes.
Physical Extent: small chunk of Physical Volume, used during Volume Group creation.
Logical Extent: mapped to Physical Extent, acting as front-end chunk for Logical Volumes.
Logical Volume: group of Logical Extents, used by the system as hard drive partition.
Continue reading “How to Create LVM Volume Group and Logical Volume”
If you suspect that your system was compromised and files and/or their permissions were modified by the intruder, you can use AIDE to check your file system against some modifications.
AIDE (Advanced Intrusion Detection Environment) is a file integrity checker and intrusion detection program. AIDE is used to scan the system when it’s in known good state – it collects information about files and their permissions in the file system and writes gathered information to the database. Once the database is initialized it can be used to verify the integrity of the files in case of some compromise is suspected. All of the usual file attributes can be checked for inconsistencies.
In this tutorial we will show you how to install and deploy AIDE on CentOS/Fedora/RedHat.
Continue reading “Detect Intrusion and Check Linux File System Integrity with AIDE”
Sometimes we need to know what is our system configuration (CPU, RAM, network interfaces, etc…), but we don’t want to open computer case to look what’s inside or even don’t have such possibility, especially when we are connected to remote server.
We can use lstopo command in Linux command line to quickly display system architecture.
Continue reading “Display Hardware Topology in Linux”
How to verify, if cable is connected to the interface in Linux? How to verify physical connection to network on interface in Linux?
If you are away from the server and unable to see if ethernet cable is connected to the particular interface in server, but you have another connection (i.e.: via iLO Console), you can use ethtool to verify physical connectivity on that interface remotely.
Continue reading “How To Detect Physical Interface Connectivity to the Network in Linux”
Typical OpenStack cloud setup consists of more than one node (usually one Controller node and several Compute nodes), which requires lot of physical computers / servers available to perform the installation. This complicates the situation, especially if we need to test OpenStack on many nodes. Fortunately we can use Linux KVM (Kernel-based Virtual Machine) to create OpenStack on virtual nodes and avoid problems with obtaining physical hardware.
In this tutorial we will show you how to install OpenStack on KVM on Fedora 21 based hypervisor. We will run Openstack installation on two KVM based virtual nodes (Controller and Compute).
The most important part in configuring KVM for OpenStack installation is network setup, we also need to secure some resources (VCPUs, RAM, disk space) on KVM Hypervisor to create two virtual nodes.
Continue reading “Install OpenStack on KVM – How To Configure KVM for OpenStack”
SELinux (Security Enhanced Linux) is an additional method of Linux system protection. It’s a group of security contexts that determine which process can access which files, directories, ports, etc…
SELinux has three modes:
Enforcing: SELinux protects files, directories, ports against unauthorized access and logs all SELinux events and attempts.
Permissive: SELinux allows all interactions and context violations and logs them. Permissive mode is often used for troubleshooting SELinux.
Disabled: SELinux is completely disabled.
SELinux in Enforcing mode may cause problems accessing files or ports in the system, that’s why it’s good to know how to change it’s mode or even disable it.
Continue reading “How to Disable or Enable SELinux on CentOS / Fedora / RHEL”
You can compare two text files in Linux using the following command-line tools:
– vim / vimdiff
These tools are already installed “out-of-the-box” in most Linux distributions.
Continue reading “How to compare two files in Linux command line”
Secure Shell (SSH), besides standard password authentication, gives us the possibility to authenticate using private – public key relation. This allows us access remote systems without typing the password each time we want to connect and the connection is still secure. This method is based on generation of two keys: private key (kept private on our local host), public key (given to any remote host we want to connect to passwordless).
Continue reading “How to Configure Passwordless SSH Login in Linux”
DHCP (Dynamic Host Configuration Protocol) is a network protocol used for dynamically assigning IP addresses for computers attached to the network. Standard port used for DHCP service: 67(UDP).
In this tutorial we will launch dhcp server on CentOS 7 / RHEL 7 and define example subnets.
Continue reading “Install and Configure DHCP Server on CentOS 7 / RHEL 7”
Cinder Volumes group is a block storage based on LVM (Logical Volume Manager) volume group, usually situated in Controller node in OpenStack cloud. It provides persistent block storage for runtime instances.
During typical packstack installation Cinder Volumes group size is determined in answer file (insert file) by following parameter:
If the Cinder Volumes group size we chose upon packstack installation turns out to be insufficient to create new volumes, we can attach additional physical volume on Controller node to the existing Cinder Volumes group and extend it with the new physical volume to gain more space.
Continue reading “How to Manually Extend Cinder Volumes Group in OpenStack”