Install and Configure DHCP Server on CentOS 7 / RHEL 7

DHCP (Dynamic Host Configuration Protocol) is a network protocol used for dynamically assigning IP addresses for computers attached to the network. Standard port used for DHCP service: 67(UDP).

In this tutorial we will launch dhcp server on CentOS 7 / RHEL 7 and define example subnets.
Continue reading “Install and Configure DHCP Server on CentOS 7 / RHEL 7”

How to Manually Extend Cinder Volumes Group in OpenStack

openstack
Cinder Volumes group is a block storage based on LVM (Logical Volume Manager) volume group, usually situated in Controller node in OpenStack cloud. It provides persistent block storage for runtime instances.

During typical packstack installation Cinder Volumes group size is determined in answer file (insert file) by following parameter:

CONFIG_CINDER_VOLUMES_SIZE=20G

If the Cinder Volumes group size we chose upon packstack installation turns out to be insufficient to create new volumes, we can attach additional physical volume on Controller node to the existing Cinder Volumes group and extend it with the new physical volume to gain more space.
Continue reading “How to Manually Extend Cinder Volumes Group in OpenStack”

How To Reset Forgotten Root Password on RedHat 7 / CentOS 7

RedHat 7 / CentOS 7 unlike previous version 6, doesn’t provide the ability to reset / recover root password in signle-user mode any more. This situation takes place, because RedHat 7 / CentOS 7 uses systemd manager instead of sysVinit / upstart and both systemd targets: rescue.target and emergency.target require root password. That’s why in RedHat 7 / CentOS 7 we need installation disk to boot from.
Continue reading “How To Reset Forgotten Root Password on RedHat 7 / CentOS 7”

How To Reset Forgotten Root Password on RedHat 6 / CentOS 6

RedHat 6 / CentOS 6 system gives us the opportunity to reset root password in case we forget it, on condition that we have a direct access to the machine on which we want to reset root password. Password can be reset after booting the system into single-user mode.

Steps:

1. Reboot the system

2. At the screen: “Booting Red Hat Enterprise Linux…” or “Booting CentOS…” press any key to display GRUB menu.
Continue reading “How To Reset Forgotten Root Password on RedHat 6 / CentOS 6”

LDAP Installation on CentOS 7 / RHEL 7

LDAP stands for Lightweight Directory Access Protocol. As the name suggests, it is a lightweight protocol for accessing directory services, specifically X.500-based directory services. OpenLDAP is a free, open source implementation of the Lightweight Directory Access Protocol (LDAP) developed by the OpenLDAP Project. It is released under its own BSD-style license called the OpenLDAP Public License.

In this tutorial we will show you, how to install OpenLDAP server on CentOS 7 / RHEL 7 and create basic configuration in a few simple steps:
Continue reading “LDAP Installation on CentOS 7 / RHEL 7”

How to Create and Attach Cinder Volume to Instance in OpenStack

openstack
Cinder Volume is a block storage based on Linux LVM, which can be attached to instance and mounted as a regular file system.
In this tutorial we will show you how to create Cinder Volume in OpenStack and attach it to existing instance as additional partition.

Note: you need to have working OpenStack installation with existing project tenant and running instance in order to proceed with Cinder Volume creation.

Find out how to: Create project tenant in OpenStack and launch instances
Continue reading “How to Create and Attach Cinder Volume to Instance in OpenStack”

Create tenant in OpenStack and launch instances

openstack
In this tutorial we will show you, how to create project tenant in OpenStack Juno and launch instances accessible from external public network.

Note: this tutorial is a continuation of OpenStack Installation on CentOS7 / RHEL7 and we assume that you already have working installation of OpenStack.

Environment used:
cloud version: OpenStack Juno on CentOS7 (2 nodes: controller, compute)
public network (Floating IP network): 192.168.2.0/24
private network (inside Project Tenant): 192.168.20.0/24
public controller IP: 192.168.2.4 (eth0)
public compute IP: 192.168.2.5 (eth0)
Continue reading “Create tenant in OpenStack and launch instances”

vsftpd installation on CentOS 7 / RedHat 7 with selinux

vsftpd (Very Secure File Transfer Protocol Daemon) is lightweight, fast and default FTP server daemon for rpm-based Linux distributions (CentOS/RHEL/Fedora).

We will install vsftpd on CentOS7 with selinux enabled in Enforcing mode.
Continue reading “vsftpd installation on CentOS 7 / RedHat 7 with selinux”

Install OpenStack Juno on CentOS 7 / RHEL 7

openstack
OpenStack is a free and open source cloud computing platform developed as a joint project of Rackspace Hosting and NASA. Users primarily deploy it as an Infrastructure as a Service (IaaS) solution. OpenStack cloud consists of many well know technologies like: Linux KVM, LVM, iSCSI, MariaDB (MySQL), RabbitMQ or Python Django.

OpenStack architecture overview:

  1. Horizon: web browser user interface (dashboard) based on Python Django for creating and managing instances (virtual machines)
  2. Keystone: authentication and authorization framework
  3. Neutron: network connectivity as a service
  4. Cinder: persistent block storage for instances based on LVM
  5. Nova: instances management system based on Linux KVM
  6. Glance: registry for instance images
  7. Swift: file storage for cloud
  8. Ceilometer: metering engine for collecting billable data and analysis.
  9. Heat: orchestration service for template-based instance deployment

In this tutorial we will install OpenStack Juno release from RDO repository on two nodes (controller node & compute node) based on CentOS 7 / RHEL 7.

Environment used:
public network (Floating IP network): 192.168.2.0/24
internal network: no IP space, physical connection only (eth1)
public controller IP: 192.168.2.4 (eth0)
public compute IP: 192.168.2.5 (eth0)
openstack_diagram
Continue reading “Install OpenStack Juno on CentOS 7 / RHEL 7”

Detect SSH Brute Force Attack and Locate Attacker

Brute Force Attack consists of systematically checking all possible passwords until the correct one is found. If the host is exposed directly to the Internet (WAN) and SSH service is running on the host, it becomes a subject of constant brute force attacks performed by automated scripts like hydra.

To detect SSH brute force attempts on systems running systemd service manager (CentOS7/Fedora21/RHEL7), you can use journalctl command with parameters:
Continue reading “Detect SSH Brute Force Attack and Locate Attacker”