Red Hat How To

RSS
Apr
14

How to install GlusterFS Server on Centos 6.x

Well lets me explain why “CentOS” not Red Hat. Due to package dependencies on Red Hat, I decided to install it on CentOS not on Red Hat.

Error: Package: glusterfs-server-3.4.2-1.el6.x86_64 (/glusterfs-server-3.4.2-1.el6.x86_64)
Requires: libcrypto.so.10(libcrypto.so.10)(64bit)
Error: Package: glusterfs-libs-3.6.2-1.el6.x86_64 (glusterfs-rhel)
Requires: libcrypto.so.10(libcrypto.so.10)(64bit)
Error: Package: glusterfs-server-3.4.2-1.el6.x86_64 (/glusterfs-server-3.4.2-1.el6.x86_64)

First of all, lets begin with VM(yes I am installing on virtual machines on Vmware ESX) specs I have.

One note here; Do NOT clone your VMs after installing glusterFS. glusterFS depends on UUIDs and clone VMs have the same UUIDs so most probably it wont work. can I clone it after OS installation? sure.

Each VMs(node01 and node02) have;

– Centos 6.5 with Minimal package option

– Two disks.sdba(8GB) for OS and sdb(1GB) for GlusterFS

– Two network interfaces. One for internet connection(download packages etc) etc. second one for glusterFS(replication etc)

node01 has two IPs.135.243.90.250 for internet connection and 192.168.1.250 for glusterFS private network

and here are lines from /etc/hosts on both VMs.

# more /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
135.243.90.250 node01
135.243.90.251 node02
192.168.1.250 node01-priv
192.168.1.251 node02-priv

On node01, allow connections from second node(node02)

[root@node01 ~]# iptables -I INPUT -p all -s 192.168.1.251 -j ACCEPT
[root@node01 ~]# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
[root@node01 ~]# service iptables status
Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT all — 192.168.1.251 0.0.0.0/0
2 ACCEPT all — 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
3 ACCEPT icmp — 0.0.0.0/0 0.0.0.0/0
4 ACCEPT all — 0.0.0.0/0 0.0.0.0/0
5 ACCEPT tcp — 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
6 REJECT all — 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
num target prot opt source destination
1 REJECT all — 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
num target prot opt source destination

 

On node02, allow connections from first node(node01)

[root@node02 ~]# iptables -I INPUT -p all -s 192.168.1.250 -j ACCEPT
[root@node02 ~]# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
[root@node02 ~]# service iptables status
Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT all — 192.168.1.250 0.0.0.0/0
2 ACCEPT all — 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
3 ACCEPT icmp — 0.0.0.0/0 0.0.0.0/0
4 ACCEPT all — 0.0.0.0/0 0.0.0.0/0
5 ACCEPT tcp — 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
6 REJECT all — 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
num target prot opt source destination
1 REJECT all — 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
num target prot opt source destination

Disks for glusterFS are in place

[root@node01 ~]# fdisk -l /dev/sdb

Disk /dev/sdb: 1073 MB, 1073741824 bytes
255 heads, 63 sectors/track, 130 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00000000

[root@node02 ~]# fdisk -l /dev/sdb

Disk /dev/sdb: 1073 MB, 1073741824 bytes
34 heads, 61 sectors/track, 1011 cylinders
Units = cylinders of 2074 * 512 = 1061888 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00000000

 

Create offical glusterFS repository;
[root@node01 ~]# wget -P /etc/yum.repos.d http://download.gluster.org/pub/gluster/glusterfs/LATEST/RHEL/glusterfs-epel.repo
–2015-04-14 10:30:03– http://download.gluster.org/pub/gluster/glusterfs/LATEST/RHEL/glusterfs-epel.repo
Resolving download.gluster.org… 50.57.69.89
Connecting to download.gluster.org|50.57.69.89|:80… connected.
HTTP request sent, awaiting response… 200 OK
Length: 1055 (1.0K) [text/plain]
Saving to: “/etc/yum.repos.d/glusterfs-epel.repo”

100%[=============================================================================================================================>] 1,055 –.-K/s in 0s

2015-04-14 10:30:03 (127 MB/s) – “/etc/yum.repos.d/glusterfs-epel.repo” saved [1055/1055]

[root@node02 ~]# wget -P /etc/yum.repos.d http://download.gluster.org/pub/gluster/glusterfs/LATEST/RHEL/glusterfs-epel.repo
–2015-04-14 10:16:43– http://download.gluster.org/pub/gluster/glusterfs/LATEST/RHEL/glusterfs-epel.repo
Resolving download.gluster.org… 50.57.69.89
Connecting to download.gluster.org|50.57.69.89|:80… connected.
HTTP request sent, awaiting response… 200 OK
Length: 1055 (1.0K) [text/plain]
Saving to: “/etc/yum.repos.d/glusterfs-epel.repo”

100%[=============================================================================================================================>] 1,055 –.-K/s in 0s

2015-04-14 10:16:43 (132 MB/s) – “/etc/yum.repos.d/glusterfs-epel.repo” saved [1055/1055]
Now we are ready to install glusterFS server. First install on node01;

[root@node01 ~]# yum install glusterfs-server
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirror.hostkenti.com.tr
* extras: mirror.hostkenti.com.tr
* updates: mirror.rackdc.com
glusterfs-epel | 2.9 kB 00:00
glusterfs-epel/primary_db | 11 kB 00:00
glusterfs-noarch-epel | 2.9 kB 00:00
glusterfs-noarch-epel/primary_db | 2.2 kB 00:00
Setting up Install Process
Resolving Dependencies
–> Running transaction check
—> Package glusterfs-server.x86_64 0:3.6.2-1.el6 will be installed
–> Processing Dependency: glusterfs-libs = 3.6.2-1.el6 for package: glusterfs-server-3.6.2-1.el6.x86_64
–> Processing Dependency: glusterfs-fuse = 3.6.2-1.el6 for package: glusterfs-server-3.6.2-1.el6.x86_64
–> Processing Dependency: glusterfs-cli = 3.6.2-1.el6 for package: glusterfs-server-3.6.2-1.el6.x86_64
–> Processing Dependency: glusterfs = 3.6.2-1.el6 for package: glusterfs-server-3.6.2-1.el6.x86_64
–> Processing Dependency: rpcbind for package: glusterfs-server-3.6.2-1.el6.x86_64
–> Processing Dependency: nfs-utils for package: glusterfs-server-3.6.2-1.el6.x86_64
–> Processing Dependency: libgfapi.so.0(GFAPI_PRIVATE_3.4.0)(64bit) for package: glusterfs-server-3.6.2-1.el6.x86_64
–> Processing Dependency: libgfapi.so.0(GFAPI_3.4.0)(64bit) for package: glusterfs-server-3.6.2-1.el6.x86_64
–> Processing Dependency: libaio.so.1(LIBAIO_0.4)(64bit) for package: glusterfs-server-3.6.2-1.el6.x86_64
–> Processing Dependency: libaio.so.1(LIBAIO_0.1)(64bit) for package: glusterfs-server-3.6.2-1.el6.x86_64
–> Processing Dependency: libglusterfs.so.0()(64bit) for package: glusterfs-server-3.6.2-1.el6.x86_64
–> Processing Dependency: libgfxdr.so.0()(64bit) for package: glusterfs-server-3.6.2-1.el6.x86_64
–> Processing Dependency: libgfrpc.so.0()(64bit) for package: glusterfs-server-3.6.2-1.el6.x86_64
–> Processing Dependency: libgfapi.so.0()(64bit) for package: glusterfs-server-3.6.2-1.el6.x86_64
–> Processing Dependency: libaio.so.1()(64bit) for package: glusterfs-server-3.6.2-1.el6.x86_64
–> Running transaction check
—> Package glusterfs.x86_64 0:3.6.2-1.el6 will be installed
—> Package glusterfs-api.x86_64 0:3.6.2-1.el6 will be installed
—> Package glusterfs-cli.x86_64 0:3.6.2-1.el6 will be installed
—> Package glusterfs-fuse.x86_64 0:3.6.2-1.el6 will be installed
—> Package glusterfs-libs.x86_64 0:3.6.2-1.el6 will be installed
—> Package libaio.x86_64 0:0.3.107-10.el6 will be installed
—> Package nfs-utils.x86_64 1:1.2.3-54.el6 will be installed
–> Processing Dependency: nfs-utils-lib >= 1.1.0-3 for package: 1:nfs-utils-1.2.3-54.el6.x86_64
–> Processing Dependency: keyutils >= 1.4-4 for package: 1:nfs-utils-1.2.3-54.el6.x86_64
–> Processing Dependency: libtirpc for package: 1:nfs-utils-1.2.3-54.el6.x86_64
–> Processing Dependency: libgssglue.so.1(libgssapi_CITI_2)(64bit) for package: 1:nfs-utils-1.2.3-54.el6.x86_64
–> Processing Dependency: libgssglue for package: 1:nfs-utils-1.2.3-54.el6.x86_64
–> Processing Dependency: libevent for package: 1:nfs-utils-1.2.3-54.el6.x86_64
–> Processing Dependency: libtirpc.so.1()(64bit) for package: 1:nfs-utils-1.2.3-54.el6.x86_64
–> Processing Dependency: libnfsidmap.so.0()(64bit) for package: 1:nfs-utils-1.2.3-54.el6.x86_64
–> Processing Dependency: libgssglue.so.1()(64bit) for package: 1:nfs-utils-1.2.3-54.el6.x86_64
–> Processing Dependency: libevent-1.4.so.2()(64bit) for package: 1:nfs-utils-1.2.3-54.el6.x86_64
—> Package rpcbind.x86_64 0:0.2.0-11.el6 will be installed
–> Running transaction check
—> Package keyutils.x86_64 0:1.4-5.el6 will be installed
–> Processing Dependency: keyutils-libs = 1.4-5.el6 for package: keyutils-1.4-5.el6.x86_64
—> Package libevent.x86_64 0:1.4.13-4.el6 will be installed
—> Package libgssglue.x86_64 0:0.1-11.el6 will be installed
—> Package libtirpc.x86_64 0:0.2.1-10.el6 will be installed
—> Package nfs-utils-lib.x86_64 0:1.1.5-9.el6 will be installed
–> Running transaction check
—> Package keyutils-libs.x86_64 0:1.4-4.el6 will be updated
—> Package keyutils-libs.x86_64 0:1.4-5.el6 will be an update
–> Finished Dependency Resolution

Dependencies Resolved

=======================================================================================================================================================================
Package Arch Version Repository Size
=======================================================================================================================================================================
Installing:
glusterfs-server x86_64 3.6.2-1.el6 glusterfs-epel 716 k
Installing for dependencies:
glusterfs x86_64 3.6.2-1.el6 glusterfs-epel 1.4 M
glusterfs-api x86_64 3.6.2-1.el6 glusterfs-epel 63 k
glusterfs-cli x86_64 3.6.2-1.el6 glusterfs-epel 142 k
glusterfs-fuse x86_64 3.6.2-1.el6 glusterfs-epel 91 k
glusterfs-libs x86_64 3.6.2-1.el6 glusterfs-epel 280 k
keyutils x86_64 1.4-5.el6 base 39 k
libaio x86_64 0.3.107-10.el6 base 21 k
libevent x86_64 1.4.13-4.el6 base 66 k
libgssglue x86_64 0.1-11.el6 base 23 k
libtirpc x86_64 0.2.1-10.el6 base 79 k
nfs-utils x86_64 1:1.2.3-54.el6 base 326 k
nfs-utils-lib x86_64 1.1.5-9.el6 base 68 k
rpcbind x86_64 0.2.0-11.el6 base 51 k
Updating for dependencies:
keyutils-libs x86_64 1.4-5.el6 base 20 k

Transaction Summary
=======================================================================================================================================================================
Install 14 Package(s)
Upgrade 1 Package(s)

Total download size: 3.4 M
Is this ok [y/N]: y

Downloading Packages:
(1/15): glusterfs-3.6.2-1.el6.x86_64.rpm | 1.4 MB 00:01
(2/15): glusterfs-api-3.6.2-1.el6.x86_64.rpm | 63 kB 00:00
(3/15): glusterfs-cli-3.6.2-1.el6.x86_64.rpm | 142 kB 00:00
(4/15): glusterfs-fuse-3.6.2-1.el6.x86_64.rpm | 91 kB 00:00
(5/15): glusterfs-libs-3.6.2-1.el6.x86_64.rpm | 280 kB 00:00
(6/15): glusterfs-server-3.6.2-1.el6.x86_64.rpm | 716 kB 00:01
(7/15): keyutils-1.4-5.el6.x86_64.rpm | 39 kB 00:00
(8/15): keyutils-libs-1.4-5.el6.x86_64.rpm | 20 kB 00:00
(9/15): libaio-0.3.107-10.el6.x86_64.rpm | 21 kB 00:00
(10/15): libevent-1.4.13-4.el6.x86_64.rpm | 66 kB 00:00
(11/15): libgssglue-0.1-11.el6.x86_64.rpm | 23 kB 00:00
(12/15): libtirpc-0.2.1-10.el6.x86_64.rpm | 79 kB 00:00
(13/15): nfs-utils-1.2.3-54.el6.x86_64.rpm | 326 kB 00:00
(14/15): nfs-utils-lib-1.1.5-9.el6.x86_64.rpm | 68 kB 00:00
(15/15): rpcbind-0.2.0-11.el6.x86_64.rpm | 51 kB 00:00
———————————————————————————————————————————————————————–
Total 441 kB/s | 3.4 MB 00:07
warning: rpmts_HdrFromFdno: Header V4 RSA/SHA1 Signature, key ID 4ab22bb3: NOKEY
Retrieving key from http://download.gluster.org/pub/gluster/glusterfs/LATEST/EPEL.repo/pub.key
Importing GPG key 0x4AB22BB3:
Userid: “Gluster Packager <glusterpackager@download.gluster.org>”
From : http://download.gluster.org/pub/gluster/glusterfs/LATEST/EPEL.repo/pub.key
Is this ok [y/N]: y
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : glusterfs-libs-3.6.2-1.el6.x86_64 1/16
Installing : libgssglue-0.1-11.el6.x86_64 2/16
Installing : glusterfs-api-3.6.2-1.el6.x86_64 3/16
Installing : glusterfs-3.6.2-1.el6.x86_64 4/16
Installing : libtirpc-0.2.1-10.el6.x86_64 5/16
Installing : rpcbind-0.2.0-11.el6.x86_64 6/16
Updating : keyutils-libs-1.4-5.el6.x86_64 7/16
Installing : keyutils-1.4-5.el6.x86_64 8/16
Installing : glusterfs-fuse-3.6.2-1.el6.x86_64 9/16
Installing : glusterfs-cli-3.6.2-1.el6.x86_64 10/16
Installing : libaio-0.3.107-10.el6.x86_64 11/16
Installing : libevent-1.4.13-4.el6.x86_64 12/16
Installing : nfs-utils-lib-1.1.5-9.el6.x86_64 13/16
Installing : 1:nfs-utils-1.2.3-54.el6.x86_64 14/16
Installing : glusterfs-server-3.6.2-1.el6.x86_64 15/16
Cleanup : keyutils-libs-1.4-4.el6.x86_64 16/16
Verifying : keyutils-libs-1.4-5.el6.x86_64 1/16
Verifying : glusterfs-server-3.6.2-1.el6.x86_64 2/16
Verifying : rpcbind-0.2.0-11.el6.x86_64 3/16
Verifying : glusterfs-3.6.2-1.el6.x86_64 4/16
Verifying : 1:nfs-utils-1.2.3-54.el6.x86_64 5/16
Verifying : glusterfs-cli-3.6.2-1.el6.x86_64 6/16
Verifying : nfs-utils-lib-1.1.5-9.el6.x86_64 7/16
Verifying : keyutils-1.4-5.el6.x86_64 8/16
Verifying : libtirpc-0.2.1-10.el6.x86_64 9/16
Verifying : libgssglue-0.1-11.el6.x86_64 10/16
Verifying : glusterfs-libs-3.6.2-1.el6.x86_64 11/16
Verifying : libevent-1.4.13-4.el6.x86_64 12/16
Verifying : glusterfs-fuse-3.6.2-1.el6.x86_64 13/16
Verifying : libaio-0.3.107-10.el6.x86_64 14/16
Verifying : glusterfs-api-3.6.2-1.el6.x86_64 15/16
Verifying : keyutils-libs-1.4-4.el6.x86_64 16/16

Installed:
glusterfs-server.x86_64 0:3.6.2-1.el6

Dependency Installed:
glusterfs.x86_64 0:3.6.2-1.el6 glusterfs-api.x86_64 0:3.6.2-1.el6 glusterfs-cli.x86_64 0:3.6.2-1.el6 glusterfs-fuse.x86_64 0:3.6.2-1.el6
glusterfs-libs.x86_64 0:3.6.2-1.el6 keyutils.x86_64 0:1.4-5.el6 libaio.x86_64 0:0.3.107-10.el6 libevent.x86_64 0:1.4.13-4.el6
libgssglue.x86_64 0:0.1-11.el6 libtirpc.x86_64 0:0.2.1-10.el6 nfs-utils.x86_64 1:1.2.3-54.el6 nfs-utils-lib.x86_64 0:1.1.5-9.el6
rpcbind.x86_64 0:0.2.0-11.el6

Dependency Updated:
keyutils-libs.x86_64 0:1.4-5.el6

Complete!

 

Now install glusterfs-server on node02;

[root@node02 ~]# yum install glusterfs-server
Loaded plugins: fastestmirror
Determining fastest mirrors
* base: mirror.rackdc.com
* extras: mirror.rackdc.com
* updates: mirror.rackdc.com
glusterfs-epel | 2.9 kB 00:00
glusterfs-epel/primary_db | 11 kB 00:00
glusterfs-noarch-epel | 2.9 kB 00:00
glusterfs-noarch-epel/primary_db | 2.2 kB 00:00
Setting up Install Process
Resolving Dependencies
–> Running transaction check
—> Package glusterfs-server.x86_64 0:3.6.2-1.el6 will be installed
–> Processing Dependency: glusterfs-libs = 3.6.2-1.el6 for package: glusterfs-server-3.6.2-1.el6.x86_64
–> Processing Dependency: glusterfs-fuse = 3.6.2-1.el6 for package: glusterfs-server-3.6.2-1.el6.x86_64
–> Processing Dependency: glusterfs-cli = 3.6.2-1.el6 for package: glusterfs-server-3.6.2-1.el6.x86_64
–> Processing Dependency: glusterfs = 3.6.2-1.el6 for package: glusterfs-server-3.6.2-1.el6.x86_64
–> Processing Dependency: rpcbind for package: glusterfs-server-3.6.2-1.el6.x86_64
–> Processing Dependency: nfs-utils for package: glusterfs-server-3.6.2-1.el6.x86_64
–> Processing Dependency: libgfapi.so.0(GFAPI_PRIVATE_3.4.0)(64bit) for package: glusterfs-server-3.6.2-1.el6.x86_64
–> Processing Dependency: libgfapi.so.0(GFAPI_3.4.0)(64bit) for package: glusterfs-server-3.6.2-1.el6.x86_64
–> Processing Dependency: libaio.so.1(LIBAIO_0.4)(64bit) for package: glusterfs-server-3.6.2-1.el6.x86_64
–> Processing Dependency: libaio.so.1(LIBAIO_0.1)(64bit) for package: glusterfs-server-3.6.2-1.el6.x86_64
–> Processing Dependency: libglusterfs.so.0()(64bit) for package: glusterfs-server-3.6.2-1.el6.x86_64
–> Processing Dependency: libgfxdr.so.0()(64bit) for package: glusterfs-server-3.6.2-1.el6.x86_64
–> Processing Dependency: libgfrpc.so.0()(64bit) for package: glusterfs-server-3.6.2-1.el6.x86_64
–> Processing Dependency: libgfapi.so.0()(64bit) for package: glusterfs-server-3.6.2-1.el6.x86_64
–> Processing Dependency: libaio.so.1()(64bit) for package: glusterfs-server-3.6.2-1.el6.x86_64
–> Running transaction check
—> Package glusterfs.x86_64 0:3.6.2-1.el6 will be installed
—> Package glusterfs-api.x86_64 0:3.6.2-1.el6 will be installed
—> Package glusterfs-cli.x86_64 0:3.6.2-1.el6 will be installed
—> Package glusterfs-fuse.x86_64 0:3.6.2-1.el6 will be installed
—> Package glusterfs-libs.x86_64 0:3.6.2-1.el6 will be installed
—> Package libaio.x86_64 0:0.3.107-10.el6 will be installed
—> Package nfs-utils.x86_64 1:1.2.3-54.el6 will be installed
–> Processing Dependency: nfs-utils-lib >= 1.1.0-3 for package: 1:nfs-utils-1.2.3-54.el6.x86_64
–> Processing Dependency: keyutils >= 1.4-4 for package: 1:nfs-utils-1.2.3-54.el6.x86_64
–> Processing Dependency: libtirpc for package: 1:nfs-utils-1.2.3-54.el6.x86_64
–> Processing Dependency: libgssglue.so.1(libgssapi_CITI_2)(64bit) for package: 1:nfs-utils-1.2.3-54.el6.x86_64
–> Processing Dependency: libgssglue for package: 1:nfs-utils-1.2.3-54.el6.x86_64
–> Processing Dependency: libevent for package: 1:nfs-utils-1.2.3-54.el6.x86_64
–> Processing Dependency: libtirpc.so.1()(64bit) for package: 1:nfs-utils-1.2.3-54.el6.x86_64
–> Processing Dependency: libnfsidmap.so.0()(64bit) for package: 1:nfs-utils-1.2.3-54.el6.x86_64
–> Processing Dependency: libgssglue.so.1()(64bit) for package: 1:nfs-utils-1.2.3-54.el6.x86_64
–> Processing Dependency: libevent-1.4.so.2()(64bit) for package: 1:nfs-utils-1.2.3-54.el6.x86_64
—> Package rpcbind.x86_64 0:0.2.0-11.el6 will be installed
–> Running transaction check
—> Package keyutils.x86_64 0:1.4-5.el6 will be installed
–> Processing Dependency: keyutils-libs = 1.4-5.el6 for package: keyutils-1.4-5.el6.x86_64
—> Package libevent.x86_64 0:1.4.13-4.el6 will be installed
—> Package libgssglue.x86_64 0:0.1-11.el6 will be installed
—> Package libtirpc.x86_64 0:0.2.1-10.el6 will be installed
—> Package nfs-utils-lib.x86_64 0:1.1.5-9.el6 will be installed
–> Running transaction check
—> Package keyutils-libs.x86_64 0:1.4-4.el6 will be updated
—> Package keyutils-libs.x86_64 0:1.4-5.el6 will be an update
–> Finished Dependency Resolution

Dependencies Resolved

=======================================================================================================================================================================
Package Arch Version Repository Size
=======================================================================================================================================================================
Installing:
glusterfs-server x86_64 3.6.2-1.el6 glusterfs-epel 716 k
Installing for dependencies:
glusterfs x86_64 3.6.2-1.el6 glusterfs-epel 1.4 M
glusterfs-api x86_64 3.6.2-1.el6 glusterfs-epel 63 k
glusterfs-cli x86_64 3.6.2-1.el6 glusterfs-epel 142 k
glusterfs-fuse x86_64 3.6.2-1.el6 glusterfs-epel 91 k
glusterfs-libs x86_64 3.6.2-1.el6 glusterfs-epel 280 k
keyutils x86_64 1.4-5.el6 base 39 k
libaio x86_64 0.3.107-10.el6 base 21 k
libevent x86_64 1.4.13-4.el6 base 66 k
libgssglue x86_64 0.1-11.el6 base 23 k
libtirpc x86_64 0.2.1-10.el6 base 79 k
nfs-utils x86_64 1:1.2.3-54.el6 base 326 k
nfs-utils-lib x86_64 1.1.5-9.el6 base 68 k
rpcbind x86_64 0.2.0-11.el6 base 51 k
Updating for dependencies:
keyutils-libs x86_64 1.4-5.el6 base 20 k

Transaction Summary
=======================================================================================================================================================================
Install 14 Package(s)
Upgrade 1 Package(s)

Total download size: 3.4 M
Is this ok [y/N]: y

Downloading Packages:
(1/15): glusterfs-3.6.2-1.el6.x86_64.rpm | 1.4 MB 00:02
(2/15): glusterfs-api-3.6.2-1.el6.x86_64.rpm | 63 kB 00:00
(3/15): glusterfs-cli-3.6.2-1.el6.x86_64.rpm | 142 kB 00:00
(4/15): glusterfs-fuse-3.6.2-1.el6.x86_64.rpm | 91 kB 00:00
(5/15): glusterfs-libs-3.6.2-1.el6.x86_64.rpm | 280 kB 00:00
(6/15): glusterfs-server-3.6.2-1.el6.x86_64.rpm | 716 kB 00:01
(7/15): keyutils-1.4-5.el6.x86_64.rpm | 39 kB 00:00
(8/15): keyutils-libs-1.4-5.el6.x86_64.rpm | 20 kB 00:00
(9/15): libaio-0.3.107-10.el6.x86_64.rpm | 21 kB 00:00
(10/15): libevent-1.4.13-4.el6.x86_64.rpm | 66 kB 00:00
(11/15): libgssglue-0.1-11.el6.x86_64.rpm | 23 kB 00:00
(12/15): libtirpc-0.2.1-10.el6.x86_64.rpm | 79 kB 00:00
(13/15): nfs-utils-1.2.3-54.el6.x86_64.rpm | 326 kB 00:00
(14/15): nfs-utils-lib-1.1.5-9.el6.x86_64.rpm | 68 kB 00:00
(15/15): rpcbind-0.2.0-11.el6.x86_64.rpm | 51 kB 00:00
———————————————————————————————————————————————————————–
Total 421 kB/s | 3.4 MB 00:08
warning: rpmts_HdrFromFdno: Header V4 RSA/SHA1 Signature, key ID 4ab22bb3: NOKEY
Retrieving key from http://download.gluster.org/pub/gluster/glusterfs/LATEST/EPEL.repo/pub.key
Importing GPG key 0x4AB22BB3:
Userid: “Gluster Packager <glusterpackager@download.gluster.org>”
From : http://download.gluster.org/pub/gluster/glusterfs/LATEST/EPEL.repo/pub.key
Is this ok [y/N]: y
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : glusterfs-libs-3.6.2-1.el6.x86_64 1/16
Installing : libgssglue-0.1-11.el6.x86_64 2/16
Installing : glusterfs-api-3.6.2-1.el6.x86_64 3/16
Installing : glusterfs-3.6.2-1.el6.x86_64 4/16
Installing : libtirpc-0.2.1-10.el6.x86_64 5/16
Installing : rpcbind-0.2.0-11.el6.x86_64 6/16
Updating : keyutils-libs-1.4-5.el6.x86_64 7/16
Installing : keyutils-1.4-5.el6.x86_64 8/16
Installing : glusterfs-fuse-3.6.2-1.el6.x86_64 9/16
Installing : glusterfs-cli-3.6.2-1.el6.x86_64 10/16
Installing : libaio-0.3.107-10.el6.x86_64 11/16
Installing : libevent-1.4.13-4.el6.x86_64 12/16
Installing : nfs-utils-lib-1.1.5-9.el6.x86_64 13/16
Installing : 1:nfs-utils-1.2.3-54.el6.x86_64 14/16
Installing : glusterfs-server-3.6.2-1.el6.x86_64 15/16
Cleanup : keyutils-libs-1.4-4.el6.x86_64 16/16
Verifying : keyutils-libs-1.4-5.el6.x86_64 1/16
Verifying : glusterfs-server-3.6.2-1.el6.x86_64 2/16
Verifying : rpcbind-0.2.0-11.el6.x86_64 3/16
Verifying : glusterfs-3.6.2-1.el6.x86_64 4/16
Verifying : 1:nfs-utils-1.2.3-54.el6.x86_64 5/16
Verifying : glusterfs-cli-3.6.2-1.el6.x86_64 6/16
Verifying : nfs-utils-lib-1.1.5-9.el6.x86_64 7/16
Verifying : keyutils-1.4-5.el6.x86_64 8/16
Verifying : libtirpc-0.2.1-10.el6.x86_64 9/16
Verifying : libgssglue-0.1-11.el6.x86_64 10/16
Verifying : glusterfs-libs-3.6.2-1.el6.x86_64 11/16
Verifying : libevent-1.4.13-4.el6.x86_64 12/16
Verifying : glusterfs-fuse-3.6.2-1.el6.x86_64 13/16
Verifying : libaio-0.3.107-10.el6.x86_64 14/16
Verifying : glusterfs-api-3.6.2-1.el6.x86_64 15/16
Verifying : keyutils-libs-1.4-4.el6.x86_64 16/16

Installed:
glusterfs-server.x86_64 0:3.6.2-1.el6

Dependency Installed:
glusterfs.x86_64 0:3.6.2-1.el6 glusterfs-api.x86_64 0:3.6.2-1.el6 glusterfs-cli.x86_64 0:3.6.2-1.el6 glusterfs-fuse.x86_64 0:3.6.2-1.el6
glusterfs-libs.x86_64 0:3.6.2-1.el6 keyutils.x86_64 0:1.4-5.el6 libaio.x86_64 0:0.3.107-10.el6 libevent.x86_64 0:1.4.13-4.el6
libgssglue.x86_64 0:0.1-11.el6 libtirpc.x86_64 0:0.2.1-10.el6 nfs-utils.x86_64 1:1.2.3-54.el6 nfs-utils-lib.x86_64 0:1.1.5-9.el6
rpcbind.x86_64 0:0.2.0-11.el6

Dependency Updated:
keyutils-libs.x86_64 0:1.4-5.el6

Complete!

Start glusterd service and make it auto-start during boot.

[root@node01 ~]# service glusterd start
Starting glusterd: [ OK ]
[root@node01 ~]# chkconfig glusterd on

[root@node02 ~]# service glusterd start
Starting glusterd: [ OK ]
[root@node02 ~]# chkconfig glusterd on

Lets peer nodes in glusterfs cluster. Please note that we are using “node02-priv”, not “node02” as hostname. Doing

[root@node01 ~]# gluster peer probe node02-priv
peer probe: success.

[root@node01 ~]# gluster peer status
Number of Peers: 1

Hostname: node02-priv
Uuid: cfe6739d-c8bd-4788-9fbd-0b0201c44257
State: Peer in Cluster (Connected)

[root@node02 ~]# gluster peer probe node01-priv
peer probe: success.

[root@node02 ~]# gluster peer status
Number of Peers: 1

Hostname: 192.168.1.250
Uuid: 7c8a36e2-9791-444a-8824-ba5d8389aff7
State: Peer in Cluster (Connected)
Other names:
node01-priv

At that point, we have built glusterFS cluster with two nodes. Now we will configure second disk partition(/dev/sdb) on each VM for glusterFS.

[root@node01 ~]# fdisk -cu /dev/sdb
Device contains neither a valid DOS partition table, nor Sun, SGI or OSF disklabel
Building a new DOS disklabel with disk identifier 0x8eb8a450.
Changes will remain in memory only, until you decide to write them.
After that, of course, the previous content won’t be recoverable.

Warning: invalid flag 0x0000 of partition table 4 will be corrected by w(rite)

Command (m for help): n
Command action
e extended
p primary partition (1-4)
p
Partition number (1-4): 1
First sector (2048-2097151, default 2048):
Using default value 2048
Last sector, +sectors or +size{K,M,G} (2048-2097151, default 2097151):
Using default value 2097151

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.
Syncing disks.
[root@node01 ~]# fdisk -cul /dev/sdb

Disk /dev/sdb: 1073 MB, 1073741824 bytes
139 heads, 8 sectors/track, 1885 cylinders, total 2097152 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x8eb8a450

Device Boot Start End Blocks Id System
/dev/sdb1 2048 2097151 1047552 83 Linux

 

[root@node02 ~]# fdisk -cu /dev/sdb
Device contains neither a valid DOS partition table, nor Sun, SGI or OSF disklabel
Building a new DOS disklabel with disk identifier 0x15124cd9.
Changes will remain in memory only, until you decide to write them.
After that, of course, the previous content won’t be recoverable.

Warning: invalid flag 0x0000 of partition table 4 will be corrected by w(rite)

Command (m for help): n
Command action
e extended
p primary partition (1-4)
p
Partition number (1-4): 1
First sector (2048-2097151, default 2048):
Using default value 2048
Last sector, +sectors or +size{K,M,G} (2048-2097151, default 2097151):
Using default value 2097151

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.
Syncing disks.

 

To make new file system as XFS, you will need mkfs.xfs. so you must install xfsprogs package on both nodes.

[root@node01 ~]# yum install xfsprogs
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirror.hostkenti.com.tr
* extras: mirror.hostkenti.com.tr
* updates: mirror.rackdc.com
Setting up Install Process
Resolving Dependencies
–> Running transaction check
—> Package xfsprogs.x86_64 0:3.1.1-16.el6 will be installed
–> Finished Dependency Resolution

Dependencies Resolved

=======================================================================================================================================================================
Package Arch Version Repository Size
=======================================================================================================================================================================
Installing:
xfsprogs x86_64 3.1.1-16.el6 base 724 k

Transaction Summary
=======================================================================================================================================================================
Install 1 Package(s)

Total download size: 724 k
Installed size: 3.2 M
Is this ok [y/N]: y
Downloading Packages:
xfsprogs-3.1.1-16.el6.x86_64.rpm | 724 kB 00:00
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : xfsprogs-3.1.1-16.el6.x86_64 1/1
Verifying : xfsprogs-3.1.1-16.el6.x86_64 1/1

Installed:
xfsprogs.x86_64 0:3.1.1-16.el6

Complete!

[root@node02 ~]# yum install xfsprogs
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirror.rackdc.com
* extras: mirror.rackdc.com
* updates: mirror.rackdc.com
Setting up Install Process
Resolving Dependencies
–> Running transaction check
—> Package xfsprogs.x86_64 0:3.1.1-16.el6 will be installed
–> Finished Dependency Resolution

Dependencies Resolved

=======================================================================================================================================================================
Package Arch Version Repository Size
=======================================================================================================================================================================
Installing:
xfsprogs x86_64 3.1.1-16.el6 base 724 k

Transaction Summary
=======================================================================================================================================================================
Install 1 Package(s)

Total download size: 724 k
Installed size: 3.2 M
Is this ok [y/N]: y
Downloading Packages:
xfsprogs-3.1.1-16.el6.x86_64.rpm | 724 kB 00:00
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : xfsprogs-3.1.1-16.el6.x86_64 1/1
Verifying : xfsprogs-3.1.1-16.el6.x86_64 1/1

Installed:
xfsprogs.x86_64 0:3.1.1-16.el6

Complete!

Make new filesystem on the glusterfs partition.

[root@node01 ~]# mkfs.xfs -i size=1024 /dev/sdb1
meta-data=/dev/sdb1 isize=1024 agcount=4, agsize=65472 blks
= sectsz=512 attr=2, projid32bit=0
data = bsize=4096 blocks=261888, imaxpct=25
= sunit=0 swidth=0 blks
naming =version 2 bsize=4096 ascii-ci=0
log =internal log bsize=4096 blocks=1216, version=2
= sectsz=512 sunit=0 blks, lazy-count=1
realtime =none extsz=4096 blocks=0, rtextents=0

[root@node02 ~]# mkfs.xfs -i size=1024 /dev/sdb1
meta-data=/dev/sdb1 isize=1024 agcount=4, agsize=65472 blks
= sectsz=512 attr=2, projid32bit=0
data = bsize=4096 blocks=261888, imaxpct=25
= sunit=0 swidth=0 blks
naming =version 2 bsize=4096 ascii-ci=0
log =internal log bsize=4096 blocks=1216, version=2
= sectsz=512 sunit=0 blks, lazy-count=1
realtime =none extsz=4096 blocks=0, rtextents=0

 

Mount glusterfs partition(/dev/sdb1) to /mnt/glusterfs on both nodes

[root@node01 ~]# mkdir -p /mnt/glusterfs/
[root@node01 ~]# mount /dev/sdb1 /mnt/glusterfs/
[root@node01 ~]# mkdir -p /mnt/glusterfs/brick/

 

[root@node02 ~]# mkdir -p /mnt/glusterfs/
[root@node02 ~]# mount /dev/sdb1 /mnt/glusterfs/
[root@node02 ~]# mkdir -p /mnt/glusterfs/brick/

Add one line into /etc/fstab on both nodes for auto mounting during boot.

[root@node01 ~]# echo “/dev/sdb1 /mnt/glusterfs/ xfs defaults 0 0” > /etc/fstab

[root@node02 ~]# echo “/dev/sdb1 /mnt/glusterfs/ xfs defaults 0 0” > /etc/fstab

 

[root@node01 ~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/vg_node01-lv_root 6.7G 834M 5.5G 13% /
tmpfs 499M 0 499M 0% /dev/shm
/dev/sda1 485M 33M 427M 8% /boot
/dev/sdb1 1019M 33M 987M 4% /mnt/glusterfs

 

[root@node02 ~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/vg_node02-lv_root 6.8G 785M 5.7G 13% /
tmpfs 499M 0 499M 0% /dev/shm
/dev/sda1 194M 28M 156M 16% /boot
/dev/sdb1 1019M 33M 987M 4% /mnt/glusterfs

 

Ok. we are almost there. Just a few more commands 🙂

There are many options to create volumes like distrubuted, striped, replicated etc. here we will replicate glusterfs partitions on both nodes.

Lets create glusterfs volume(only on one node is enough);

[root@node01 ~]# gluster volume create gv0 replica 2 transport tcp node01-priv:/mnt/glusterfs/brick node02-priv:/mnt/glusterfs/brick
volume create: gv0: success: please start the volume to access data
[root@node01 ~]# gluster volume start gv0
volume start: gv0: success
[root@node01 ~]# gluster volume status
Status of volume: gv0
Gluster process Port Online Pid
——————————————————————————
Brick node01-priv:/mnt/glusterfs/brick 49152 Y 1872
Brick node02-priv:/mnt/glusterfs/brick 49152 Y 2283
NFS Server on localhost N/A N N/A
Self-heal Daemon on localhost N/A Y 1895
NFS Server on node02-priv N/A N N/A
Self-heal Daemon on node02-priv N/A Y 2305

Task Status of Volume gv0
——————————————————————————
There are no active volume tasks

[root@node01 ~]# gluster volume info

Volume Name: gv0
Type: Replicate
Volume ID: 11c6d137-e2b9-4aad-96a5-e49919417d87
Status: Started
Number of Bricks: 1 x 2 = 2
Transport-type: tcp
Bricks:
Brick1: node01-priv:/mnt/glusterfs/brick
Brick2: node02-priv:/mnt/glusterfs/brick

 

[root@node02 ~]# gluster volume info

Volume Name: gv0
Type: Replicate
Volume ID: 11c6d137-e2b9-4aad-96a5-e49919417d87
Status: Started
Number of Bricks: 1 x 2 = 2
Transport-type: tcp
Bricks:
Brick1: node01-priv:/mnt/glusterfs/brick
Brick2: node02-priv:/mnt/glusterfs/brick
[root@node02 ~]# gluster volume status
Status of volume: gv0
Gluster process Port Online Pid
——————————————————————————
Brick node01-priv:/mnt/glusterfs/brick 49152 Y 1872
Brick node02-priv:/mnt/glusterfs/brick 49152 Y 2283
NFS Server on localhost N/A N N/A
Self-heal Daemon on localhost N/A Y 2305
NFS Server on 192.168.1.250 N/A N N/A
Self-heal Daemon on 192.168.1.250 N/A Y 1895

Task Status of Volume gv0
——————————————————————————
There are no active volume tasks

Yes.Finally we are ready. Now lets test it!

Since I don’t have any client right now. I will use one of existing nodes as client to access glusterfs partition, create some files and will check created files on other node.

[root@node02 ]# mkdir /data

[root@node01 ~]# mount -t glusterfs node01-priv:/gv0 /data/
[root@node01 ~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/vg_node01-lv_root 6.7G 834M 5.5G 13% /
tmpfs 499M 0 499M 0% /dev/shm
/dev/sda1 485M 33M 427M 8% /boot
/dev/sdb1 1019M 33M 986M 4% /mnt/glusterfs
node01-priv:/gv0 1019M 33M 986M 4% /data

 

[root@node02 ]# mkdir /data
[root@node02 ]# mount -t glusterfs node01-priv:/gv0 /data/
[root@node02 ]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/vg_node02-lv_root 6.8G 786M 5.7G 13% /
tmpfs 499M 0 499M 0% /dev/shm
/dev/sda1 194M 28M 156M 16% /boot
/dev/sdb1 1019M 33M 986M 4% /mnt/glusterfs
node01-priv:/gv0 1019M 33M 986M 4% /data

Lets create a file on node01;

[root@node01 ~]# cd /data
[root@node01 data]# ls -l
total 0
[root@node01 data]# dd if=/dev/zero of=/data/filefromNode01 bs=10240 count=99
99+0 records in
99+0 records out
1013760 bytes (1.0 MB) copied, 0.036761 s, 27.6 MB/s
[root@node01 data]# ls -l
total 990
-rw-r–r–. 1 root root 1013760 Apr 14 11:32 filefromNode01

Check file is visible on node02;

[root@node02 ~]# cd /data
[root@node02 data]# ls -l
total 990
-rw-r–r–. 1 root root 1013760 Apr 14 11:18 filefromNode01

 

Done!

Dec
12

How to configure iSCSI Server(target portal) in RHEL 6.x

Lets start with installing iscsi server packages.

Assuming that you have local RHEL 6.x DVD repository to install packages. If you haven’t done it yet, please see here

#yum install scsi-target-utils

After installing necessary packages, we need a separate partition to share via iscsi.

 

# fdisk /dev/sdb

WARNING: DOS-compatible mode is deprecated. It’s strongly recommended to
switch off the mode (command ‘c’) and change display units to
sectors (command ‘u’).

Command (m for help): n
Command action
e extended
p primary partition (1-4)
p
Partition number (1-4): 1
First cylinder (1-130, default 1): 1
Last cylinder, +cylinders or +size{K,M,G} (1-130, default 130): 100M

Command (m for help): t
Selected partition 1
Hex code (type L to list codes): 83

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.

Syncing disks.

# fdisk -l /dev/sdb

Disk /dev/sdb: 1073 MB, 1073741824 bytes
255 heads, 63 sectors/track, 130 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x000a859a

Device Boot Start End Blocks Id System
/dev/sdb1 1 100 803218+ 83 Linux

 

Lets create new file system on new partition

#mkfs.ext4 /dev/sdb1

After creating new file system on the partition, we will share that partition with iscsi.

Open /etc/tgt/targets.conf and add following lines and then save it.

<target iqn.2014-12.com.redhathowto.com:iscsiserver.target1>
backing-store /dev/sdb1
</target>

 

Before starting tgtd service, we need to add new firewall rule in iptables to allow clients to connect iscsi server. Add following line in /etc/sysconfig/iptables

#service iptables stop

#vi /etc/sysconfig/iptables

-A INPUT -m state –state NEW -m tcp -p tcp –dport 3260 -j ACCEPT

#service iptables start

Now lets start tgtd service and set it to start at boot.

# service tgtd start
Starting SCSI target daemon: [ OK ]
#chkconfig tgtd on

 

Still on the iSCSI server, lets list iscsi target to make sure that it is available.

# tgt-admin -s
Target 1: iqn.2014-12.com.redhathowto.com:iscsiserver.target1
System information:
Driver: iscsi
State: ready
I_T nexus information:
LUN information:
LUN: 0
Type: controller
SCSI ID: IET 00010000
SCSI SN: beaf10
Size: 0 MB, Block size: 1
Online: Yes
Removable media: No
Prevent removal: No
Readonly: No
Backing store type: null
Backing store path: None
Backing store flags:
LUN: 1
Type: disk
SCSI ID: IET 00010001
SCSI SN: beaf11
Size: 214 MB, Block size: 512
Online: Yes
Removable media: No
Prevent removal: No
Readonly: No
Backing store type: rdwr
Backing store path: /dev/sdb1
Backing store flags:
Account information:
ACL information:
ALL

 

Now, iSCSI Server is ready. You can access it from iscsi clients. If you want to configure RHEL client to access iSCSI Server, please check this post. You may configure windows client to access iSCSI Server, please go to (Control Panel–>System and Security–>Administrative Tools–>iSCSI Initiator)

 

Dec
09

How to create LUKS-Encrypted Volume in RHEL 6.X

we will create LUKS-Encrypted volume from scratch, create new file system and finally we will mount LUKS-Encrypted volume in RHEL. Here I have one separate physical disk as “/dev/sdb”.

First of all, lets create primary partition by using “fdisk”.

# fdisk /dev/sdb

WARNING: DOS-compatible mode is deprecated. It’s strongly recommended to
switch off the mode (command ‘c’) and change display units to
sectors (command ‘u’).

Command (m for help): n
Command action
e extended
p primary partition (1-4)
p
Partition number (1-4): 1
First cylinder (1-130, default 1):
Using default value 1
Last cylinder, +cylinders or +size{K,M,G} (1-130, default 130): +300M

Command (m for help): t
Selected partition 1
Hex code (type L to list codes): 83

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.
Syncing disks.

# fdisk -l /dev/sdb

Disk /dev/sdb: 1073 MB, 1073741824 bytes
255 heads, 63 sectors/track, 130 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x000a859a

Device Boot Start End Blocks Id System
/dev/sdb1 1 39 313236 83 Linux

 

Now we have a partition as /dev/sdb1 and we will format as encrypted partition

# cryptsetup luksFormat /dev/sdb1

WARNING!
========
This will overwrite data on /dev/sdb1 irrevocably.

Are you sure? (Type uppercase yes): YES
Enter LUKS passphrase:
Verify passphrase:

 

we have an encrypted partition. we will open with a name as “luksvol”

#cryptsetup luksOpen /dev/sdb1 luksvol
Enter passphrase for /dev/sdb1:

Lets see it is opened and ready to access.

# ls /dev/mapper/luksvol
/dev/mapper/luksvol

Lets create new file system on new volume.

# mkfs.ext4 /dev/mapper/luksvol
mke2fs 1.41.12 (17-May-2010)
Filesystem label=
OS type: Linux
Block size=1024 (log=0)
Fragment size=1024 (log=0)
Stride=0 blocks, Stripe width=0 blocks
77824 inodes, 311188 blocks
15559 blocks (5.00%) reserved for the super user
First data block=1
Maximum filesystem blocks=67633152
38 block groups
8192 blocks per group, 8192 fragments per group
2048 inodes per group
Superblock backups stored on blocks:
8193, 24577, 40961, 57345, 73729, 204801, 221185

Writing inode tables: done
Creating journal (8192 blocks): done
Writing superblocks and filesystem accounting information: done

This filesystem will be automatically checked every 32 mounts or
180 days, whichever comes first. Use tune2fs -c or -i to override.

new file system is created and ready to mount.

# mkdir /mnt/luksvol

# mount /dev/mapper/luksvol /mnt/luksdir
# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/vg_node01-lv_root
3.9G 2.7G 1.1G 72% /
tmpfs 499M 76K 499M 1% /dev/shm
/dev/sda1 194M 29M 156M 16% /boot
/dev/mapper/luksvol 295M 11M 270M 4% /mnt/luksdir

# cd /mnt/luksdir/
# touch fileinluks
# ls -l
total 13
-rw-r–r–. 1 root root 0 Dec 9 21:34 fileinluks
drwx——. 2 root root 12288 Dec 9 21:31 lost+found

 

Up to now, we manually open and mount the encrypted device. If you want it to be opened and mounted automatically during boot, you need to do following changes.

First, we need to add following line in /etc/crypttab to automatically open encrypted volume.

luksvol /dev/sdb1

And also we need to add following line in /etc/fstab to automatically mount

/dev/mapper/luksvol /mnt/luksdir ext4 defaults 1 2

Please note that ,during booting RHEL, it will ask passphrase to open LUKS-encrypted volume.

 

 

Jul
14

How to add keypair/public key via Nova into Openstack

Here I will explain how to add your public key of a user into Openstack

1. First need to set environment variables. Usually, environment variables are under /root(user home directory of user) as keystonerc_admin.

#cd /root

#source keystone_admin

2. Assuming that your public key is /root/.ssh/id_rsa.pub

(keystone_demo)]#nova keypair-add –pub_key /root/.ssh/id_rsa.pub mykeypairname

 

Thats all

Nov
14

How to install OpenSwan IPSEC Host-to-Host between RHEL 6.x Servers

Pre-requirements;

– Two RHEL 6.x server

– Each server must have two interfaces with proper IP configuration.

– Local YUM repository on both servers to install necessary packages. If you dont know howto create YUM repo with iso image, see this

 

1. First of all, you need to two interfaces on each servers(namely vpnserver and vpnclient) with proper IP configurations. Here what I have;

vpnserver:

# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:02:53:11 brd ff:ff:ff:ff:ff:ff
inet 172.29.4.243/22 brd 172.29.7.255 scope global eth0
inet6 fe80::20c:29ff:fe02:5311/64 scope link
valid_lft forever preferred_lft forever
11: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
link/ether 00:0c:29:02:53:1b brd ff:ff:ff:ff:ff:ff
inet 192.1.2.23/24 brd 192.1.2.255 scope global eth1
inet6 fe80::20c:29ff:fe02:531b/64 scope link
valid_lft forever preferred_lft forever

vpnclient:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
link/ether 00:0c:29:ba:5b:00 brd ff:ff:ff:ff:ff:ff
inet 172.29.4.246/22 brd 172.29.7.255 scope global eth0
inet6 fe80::20c:29ff:feba:5b00/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
link/ether 00:0c:29:ba:5b:0a brd ff:ff:ff:ff:ff:ff
inet 192.1.2.45/24 brd 192.1.2.255 scope global eth1
inet6 fe80::20c:29ff:feba:5b0a/64 scope link
valid_lft forever preferred_lft forever

2. Install openswan packages on both servers after creating local YUM repo.

#yum -y install openswan

3. Initilize NSS database without password on both servers. If it asks for password, just hit enter.

#certutil -N -d /etc/ipsec.d/

4. here I will temporarily stop firewall and disable SELinux. If you dont want to stop firewall, then you need to open UDP port 500 and 4500.

#service iptables stop

#setenforce 0

5. Create RSA keys on both servers.

#ipsec newhostkey –configdir /etc/ipsec.d –output /etc/ipsec.d/ipsec.secrets –bits 4096

6. Lets see what we have as key on both servers. vpnserver(called “left”) and vpnclient(called “right”).

On vpnserver(left):

(vpnserver)# ipsec showhostkey –left
ipsec showhostkey nss directory showhostkey: /etc/ipsec.d
# rsakey AQOijpm4R
leftrsasigkey=0sAQOijpm4R5ZZlywQQgan2RP/tCJnD5k6w9g+oChTxACwx4rhHjNCZWNN6/7LohJlnj2yhkZ0yX0pRrtjMrT7VRrX0nkXENF/3sfPLnTXutqQfhX7/XZmAW86pM7Oxd6BbrVz6m/p7aIhxVVk6pWh0z5iR889wwZIFZ9DLGEJuSpn7f4BJ2wwnQO1IVC3GSiMwKz1ICPn1v+AWbTr4dooz4unJRwnxc7WQH6yE8Gt4vjv3K8jxSnUuFQPgo+sCc7yVDxc/HS30sWSXFtk4SWUtBTLZX2NUyC6RMewm3M9BwLu0WdEwyXpm779JjNd7lnwMdthpu09KCxl9PQukLyPUcwMJcb+E522w2D+1ScJtYGx4Oi4YRuABb2EOlNneokGsfrqXUdVLfRwbaBkWyjV3j0A7iSBT1T7ZGxuxZpEbAHCtF0Cz1M84xQPIgNJFLy0G1QX2rqjwmKJrLlXmHN2F5d0YP9HYIWgTzK4QpKQv+drUuMPzJ4odnhSetKb/cJBOArX58qmUHxPM8gm8A0tR5SDr00Cy/lM+MR8Iq3hywKf+myEBPfu6AejEWDL01l/4bPbfllNwwZ4SkeR4R58wAUgPR1WTIgT4iq9fy9X8y/VxFOSlBpWDoOLhWpH9Kpp5Z0o3JOSUmIhFRMLkynnVPoCe05uXE7NhqI745Jx4HJQBQ==

(vpnclient)#ipsec showhostkey –right
ipsec showhostkey nss directory showhostkey: /etc/ipsec.d
# rsakey AQPJQm6TL
rightrsasigkey=0sAQPJQm6TLqgM3h1icvEYpu/ytriklckgC/8FLO4ePylUKfDbzbSyrWaVF0sxxT8KcwryhP/bqebGlbRSlA0yHsV7Th6Xn/sp7bulj01zeczjgjHYToRX9MPn3Em++Yg+uf6OcTBQ8GTpsZtvvYBhKlxiFV6ToPnlncA8XqUImwozywYOCrFw57W/8TnhJEwEfZQUFLehNjDSeBhNgw7CDMzTSk6+jhboTJlyiiY73m6JIjsvhBSmlSWZKockuIw2WX7rTUvRdoGyNFmhVCvStQcoQueUuzdFOJbhe+auHNEJcM/hLKdssI4AR4AUDdUF1c9IZOnAdD6xkU1UpsF3jXU8/kq0ALCkvMIRU7KCZu3v9/79d+uM6+oozgQtGiSinWBGkMLPsc98LM9zcDutsUihksy+R8Hyh+rKhkOYLFCxlKYY7tNOBi0kIQ9xtz40oy5B2KpbXYd50cmw8SsFmu5YFK4QN66PloiZAFm4+pvi9DG9umdn9GPbzVRJW94vE4Eg2zFQD7G4hrQWyoVLkHDChbjwmyd/FyZciiaYs6n16l3xXs6jw+2iGxda5KYxL0+ulXsqum6sy9o+wqsou9qg8UWHp0KiG9PMGQhO5b6egr9+G8VWFowRmz5GuJIL2DK800bC/1ISqapR13vonXDFyXvJE2lrz46X/bHOtzsfCw==

7. Uncomment following line /etc/ipsec.conf on both servers.

include /etc/ipsec.d/*.conf

8. Create your own config file(myconfig.conf) under /etc/ipsec.d/ and put it on both servers. you can use the same file on both servers. the key point is to place left and right keys, properly. In step 6, we got left and right keys. we need to put those keys in myconfig.conf file with proper IPs and hostnames(see step 1)

# more /etc/ipsec.d/myconfig.conf
conn mytunnel
leftid=@vpnserver
left=192.1.2.23
# rsakey AQOijpm4R
leftrsasigkey=0sAQOijpm4R5ZZlywQQgan2RP/tCJnD5k6w9g+oChTxACwx4rhHjNCZWNN6/7LohJlnj2yhkZ0yX0pRrtjMrT7VRrX0nkXENF/3sfPLnTXutqQ
fhX7/XZmAW86pM7Oxd6BbrVz6m/p7aIhxVVk6pWh0z5iR889wwZIFZ9DLGEJuSpn7f4BJ2wwnQO1IVC3GSiMwKz1ICPn1v+AWbTr4dooz4unJRwnxc7WQH6yE8Gt4vjv3K8j
xSnUuFQPgo+sCc7yVDxc/HS30sWSXFtk4SWUtBTLZX2NUyC6RMewm3M9BwLu0WdEwyXpm779JjNd7lnwMdthpu09KCxl9PQukLyPUcwMJcb+E522w2D+1ScJtYGx4Oi4YRuA
Bb2EOlNneokGsfrqXUdVLfRwbaBkWyjV3j0A7iSBT1T7ZGxuxZpEbAHCtF0Cz1M84xQPIgNJFLy0G1QX2rqjwmKJrLlXmHN2F5d0YP9HYIWgTzK4QpKQv+drUuMPzJ4odnhS
etKb/cJBOArX58qmUHxPM8gm8A0tR5SDr00Cy/lM+MR8Iq3hywKf+myEBPfu6AejEWDL01l/4bPbfllNwwZ4SkeR4R58wAUgPR1WTIgT4iq9fy9X8y/VxFOSlBpWDoOLhWpH
9Kpp5Z0o3JOSUmIhFRMLkynnVPoCe05uXE7NhqI745Jx4HJQBQ==
rightid=@vpnclient
right=192.1.2.45
# rsakey AQPJQm6TL
rightrsasigkey=0sAQPJQm6TLqgM3h1icvEYpu/ytriklckgC/8FLO4ePylUKfDbzbSyrWaVF0sxxT8KcwryhP/bqebGlbRSlA0yHsV7Th6Xn/sp7bulj01zeczjgjH
YToRX9MPn3Em++Yg+uf6OcTBQ8GTpsZtvvYBhKlxiFV6ToPnlncA8XqUImwozywYOCrFw57W/8TnhJEwEfZQUFLehNjDSeBhNgw7CDMzTSk6+jhboTJlyiiY73m6JIjsvhBS
mlSWZKockuIw2WX7rTUvRdoGyNFmhVCvStQcoQueUuzdFOJbhe+auHNEJcM/hLKdssI4AR4AUDdUF1c9IZOnAdD6xkU1UpsF3jXU8/kq0ALCkvMIRU7KCZu3v9/79d+uM6+o
ozgQtGiSinWBGkMLPsc98LM9zcDutsUihksy+R8Hyh+rKhkOYLFCxlKYY7tNOBi0kIQ9xtz40oy5B2KpbXYd50cmw8SsFmu5YFK4QN66PloiZAFm4+pvi9DG9umdn9GPbzVR
JW94vE4Eg2zFQD7G4hrQWyoVLkHDChbjwmyd/FyZciiaYs6n16l3xXs6jw+2iGxda5KYxL0+ulXsqum6sy9o+wqsou9qg8UWHp0KiG9PMGQhO5b6egr9+G8VWFowRmz5GuJI
L2DK800bC/1ISqapR13vonXDFyXvJE2lrz46X/bHOtzsfCw==
authby=rsasig
# load and initiate automatically
auto=start

9. Add “mytunnel” in ipsec and start ipsec service on both servers

#service ipsec start

#chkconfig ipsec on

#ipsec auto –add mytunnel

/usr/libexec/ipsec/addconn Non-fips mode set in /proc/sys/crypto/fips_enabled

10. Now lets connect to other server

#ipsec auto –up mytunnel

104 “mytunnel” #6: STATE_MAIN_I1: initiate
010 “mytunnel” #6: STATE_MAIN_I1: retransmission; will wait 20s for response
003 “mytunnel” #6: received Vendor ID payload [Openswan (this version) 2.6.32 ]
003 “mytunnel” #6: received Vendor ID payload [Dead Peer Detection]
003 “mytunnel” #6: received Vendor ID payload [RFC 3947] method set to=109
106 “mytunnel” #6: STATE_MAIN_I2: sent MI2, expecting MR2
003 “mytunnel” #6: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
108 “mytunnel” #6: STATE_MAIN_I3: sent MI3, expecting MR3
003 “mytunnel” #6: received Vendor ID payload [CAN-IKEv2]
004 “mytunnel” #6: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha group=modp2048}
117 “mytunnel” #9: STATE_QUICK_I1: initiate
004 “mytunnel” #9: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0x16938712 <0x40fffaae xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=none}

 

 

 

Nov
13

How to install VPN PPTP Server on RedHat 6.x

1. First of all, you need to install pptp and ppp packages. ppp package is available in RedHat 6.x ISO images.

You may create a local repository on your server and install it. If you dont know how to create a repo, please check here

You can download pptp package from http://poptop.sourceforge.net/yum/stable/packages/pptpd-1.4.0-1.el6.x86_64.rpm and install it.

#cd /root

#wget http://poptop.sourceforge.net/yum/stable/packages/pptpd-1.4.0-1.el6.x86_64.rpm

#yum install -y pptpd-1.4.0-1.el6.x86_64.rpm

2. After installing both packages, you need to decide local IP(VPN Server Local IP, not the public one) and remote IP range(Clients will get when they establish connection to vpn server).

At the end of /etc/pptpd.conf file, you need to uncomment/modify following lines. You can give any localIP and remoteIP ranges as soon as they are suitable for your network.

localip 192.168.0.1
remoteip 192.168.0.234-238,192.168.0.245

3. next step is configuring authentication method and encryption. If you want, you can also add an DNS Server.

In /etc/ppp/options.pptpd file, add following first two lines if they dont exist.

# Require the peer to authenticate itself using MS-CHAPv2 [Microsoft
# Challenge Handshake Authentication Protocol, Version 2] authentication.
require-mschap-v2
# Require MPPE 128-bit encryption
# (note that MPPE requires the use of MSCHAP-V2 during authentication)
require-mppe-128

If you want to assign a DNS Server to your clients then add following line, too.

ms-dns DNS_SERVER_IP

4. Now we need to create username and password for clients. To do that, you need to add following lines in /etc/ppp/chap-secrets file

Line format: client_username * client_password *

testuser * testpassword *

5. Now, I will stop iptables service. If you want to enable firewall, then need to add proper rules.

#service iptables stop

6. You also need to enable IP forwarding on VPN server. By default, IP forwarding is disabled in /etc/sysctl.conf. You need to change it to 1 and reboot the server to take changes in effect. Or, you can run “sysctl -p” to get immediate in effect.

# more /etc/sysctl.conf
# Kernel sysctl configuration file for Red Hat Linux
#
# For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and
# sysctl.conf(5) for more details.

# Controls IP packet forwarding
net.ipv4.ip_forward = 0 #Need to set it to 1

#sysctl -p

7. We need to set pptpd service to run at boot automatically and then start the pptpd service.

#chkconfig pptpd on

#service pptpd start

8. Now you can establish VPN server from Windows, Linux etc clients.

 

 

Oct
30

How to install OpenStack Grizzly(All in One) on RHEL 6.4

 

Pre-requirements:

– Internet connection

– Red Hat Account to download packages or available repository to get

– RHEL 6.4 ISO Image

 

1- Install RHEL 6.4 with minimum installation package group(+ openssh-clients and ntpd packages)

2. Install Puppet repo rpm package
(root)# yum install -y http://yum.puppetlabs.com/el/6/products/i386/puppetlabs-release-6-7.noarch.rpm

3. Install Grizzly repository package
(root)#yum install -y http://rdo.fedorapeople.org/openstack-grizzly/rdo-release-grizzly.rpm

4. Update repositories
(root)#yum check-update
[root@openstackserver repos]# yum check-update
Loaded plugins: product-id, subscription-manager
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
openstack-grizzly | 2.9 kB 00:00
openstack-grizzly/primary_db | 972 kB 00:03
puppetlabs-deps | 1.9 kB 00:00
puppetlabs-deps/primary_db | 21 kB 00:00
puppetlabs-products | 1.9 kB 00:00
puppetlabs-products/primary_db | 98 kB 00:00

iproute.x86_64 2.6.32-130.el6ost.netns.2 openstack-grizzly
iputils.x86_64 20071127-17.el6_4 openstack-grizzly
kernel.x86_64 2.6.32-358.123.2.openstack.el6 openstack-grizzly
kernel-firmware.noarch 2.6.32-358.123.2.openstack.el6 openstack-grizzly

5. Download “rubygems-1.8.16-1.el6.noarch” from Red Hat and upload under /root
6. Create a repository which uses RHEL 6.4 ISO image. If you dont know how to do it, check here
7. Install “rubygems” package
(root)#yum install -y /root/rubygems-1.8.16-1.el6.noarch
8. Now instally “puppet”. It will download necessary packages from repositories and then install them
[root@openstackserver packages]# yum install -y puppet-3.3.2-1.el6.noarch
Loaded plugins: product-id, subscription-manager
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
Setting up Install Process
Resolving Dependencies
–> Running transaction check
—> Package puppet.noarch 0:3.3.1-1.el6 will be installed
–> Processing Dependency: facter >= 1.6.11 for package: puppet-3.3.1-1.el6.noarch
–> Processing Dependency: ruby-rgen >= 0.6.5 for package: puppet-3.3.1-1.el6.noarch
–> Processing Dependency: hiera >= 1.0.0 for package: puppet-3.3.1-1.el6.noarch
–> Processing Dependency: ruby-augeas for package: puppet-3.3.1-1.el6.noarch
–> Processing Dependency: ruby-shadow for package: puppet-3.3.1-1.el6.noarch
–> Processing Dependency: ruby(selinux) for package: puppet-3.3.1-1.el6.noarch
–> Running transaction check
—> Package facter.x86_64 1:1.7.3-1.el6 will be installed
—> Package hiera.noarch 0:1.2.1-1.el6 will be installed
–> Processing Dependency: rubygem-json for package: hiera-1.2.1-1.el6.noarch
—> Package libselinux-ruby.x86_64 0:2.0.94-5.3.el6 will be installed
—> Package ruby-augeas.x86_64 0:0.4.1-1.el6 will be installed
–> Processing Dependency: augeas-libs >= 0.8.0 for package: ruby-augeas-0.4.1-1.el6.x86_64
–> Processing Dependency: libaugeas.so.0(AUGEAS_0.8.0)(64bit) for package: ruby-augeas-0.4.1-1.el6.x86_64
–> Processing Dependency: libaugeas.so.0(AUGEAS_0.12.0)(64bit) for package: ruby-augeas-0.4.1-1.el6.x86_64
–> Processing Dependency: libaugeas.so.0(AUGEAS_0.11.0)(64bit) for package: ruby-augeas-0.4.1-1.el6.x86_64
–> Processing Dependency: libaugeas.so.0(AUGEAS_0.10.0)(64bit) for package: ruby-augeas-0.4.1-1.el6.x86_64
–> Processing Dependency: libaugeas.so.0(AUGEAS_0.1.0)(64bit) for package: ruby-augeas-0.4.1-1.el6.x86_64
–> Processing Dependency: libaugeas.so.0()(64bit) for package: ruby-augeas-0.4.1-1.el6.x86_64
—> Package ruby-rgen.noarch 0:0.6.5-1.el6 will be installed
—> Package ruby-shadow.x86_64 0:1.4.1-13.el6 will be installed
–> Running transaction check
—> Package augeas-libs.x86_64 0:0.9.0-4.el6 will be installed
—> Package rubygem-json.x86_64 0:1.5.5-1.el6 will be installed
–> Finished Dependency Resolution

Dependencies Resolved

====================================================================================================================================
Package Arch Version Repository Size
====================================================================================================================================
Installing:
puppet noarch 3.3.1-1.el6 puppetlabs-products 1.1 M
Installing for dependencies:
augeas-libs x86_64 0.9.0-4.el6 rhel-dvd 317 k
facter x86_64 1:1.7.3-1.el6 puppetlabs-products 85 k
hiera noarch 1.2.1-1.el6 puppetlabs-products 21 k
libselinux-ruby x86_64 2.0.94-5.3.el6 rhel-dvd 99 k
ruby-augeas x86_64 0.4.1-1.el6 puppetlabs-deps 21 k
ruby-rgen noarch 0.6.5-1.el6 puppetlabs-deps 87 k
ruby-shadow x86_64 1.4.1-13.el6 puppetlabs-deps 11 k
rubygem-json x86_64 1.5.5-1.el6 puppetlabs-deps 763 k

Transaction Summary
====================================================================================================================================
Install 9 Package(s)

Total download size: 2.5 M
Installed size: 6.3 M
Downloading Packages:
(2/9): facter-1.7.3-1.el6.x86_64.rpm | 85 kB 00:00
(3/9): hiera-1.2.1-1.el6.noarch.rpm | 21 kB 00:00
(5/9): puppet-3.3.1-1.el6.noarch.rpm | 1.1 MB 00:10
(6/9): ruby-augeas-0.4.1-1.el6.x86_64.rpm | 21 kB 00:00
(7/9): ruby-rgen-0.6.5-1.el6.noarch.rpm | 87 kB 00:00
(8/9): ruby-shadow-1.4.1-13.el6.x86_64.rpm | 11 kB 00:00
(9/9): rubygem-json-1.5.5-1.el6.x86_64.rpm | 763 kB 00:07
————————————————————————————————————————————
Total 125 kB/s | 2.5 MB 00:20
warning: rpmts_HdrFromFdno: Header V4 RSA/SHA1 Signature, key ID 4bd6ec30: NOKEY
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-puppetlabs
Importing GPG key 0x4BD6EC30:
Userid : Puppet Labs Release Key (Puppet Labs Release Key) <info@puppetlabs.com>
Package: puppetlabs-release-6-7.noarch (@/puppetlabs-release-6-7.noarch)
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-puppetlabs
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : ruby-shadow-1.4.1-13.el6.x86_64 1/9
Installing : rubygem-json-1.5.5-1.el6.x86_64 2/9
Installing : hiera-1.2.1-1.el6.noarch 3/9
Installing : ruby-rgen-0.6.5-1.el6.noarch 4/9
Installing : 1:facter-1.7.3-1.el6.x86_64 5/9
Installing : libselinux-ruby-2.0.94-5.3.el6.x86_64 6/9
Installing : augeas-libs-0.9.0-4.el6.x86_64 7/9
Installing : ruby-augeas-0.4.1-1.el6.x86_64 8/9
Installing : puppet-3.3.1-1.el6.noarch 9/9
Verifying : augeas-libs-0.9.0-4.el6.x86_64 1/9
Verifying : ruby-augeas-0.4.1-1.el6.x86_64 2/9
Verifying : libselinux-ruby-2.0.94-5.3.el6.x86_64 3/9
Verifying : 1:facter-1.7.3-1.el6.x86_64 4/9
Verifying : ruby-rgen-0.6.5-1.el6.noarch 5/9
Verifying : hiera-1.2.1-1.el6.noarch 6/9
Verifying : puppet-3.3.1-1.el6.noarch 7/9
Verifying : rubygem-json-1.5.5-1.el6.x86_64 8/9
Verifying : ruby-shadow-1.4.1-13.el6.x86_64 9/9

Installed:
puppet.noarch 0:3.3.1-1.el6

Dependency Installed:
augeas-libs.x86_64 0:0.9.0-4.el6 facter.x86_64 1:1.7.3-1.el6 hiera.noarch 0:1.2.1-1.el6
libselinux-ruby.x86_64 0:2.0.94-5.3.el6 ruby-augeas.x86_64 0:0.4.1-1.el6 ruby-rgen.noarch 0:0.6.5-1.el6
ruby-shadow.x86_64 0:1.4.1-13.el6 rubygem-json.x86_64 0:1.5.5-1.el6

Complete!

9. Install “openstack-packstack” package
[root@openstackserver packages]# yum install -y openstack-packstack
Loaded plugins: product-id, subscription-manager
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
Setting up Install Process
Resolving Dependencies
–> Running transaction check
—> Package openstack-packstack.noarch 0:2013.1.1-0.29.dev683.el6 will be installed
–> Finished Dependency Resolution

Dependencies Resolved

====================================================================================================================================
Package Arch Version Repository Size
====================================================================================================================================
Installing:
openstack-packstack noarch 2013.1.1-0.29.dev683.el6 openstack-grizzly 602 k

Transaction Summary
====================================================================================================================================
Install 1 Package(s)

Total download size: 602 k
Installed size: 1.8 M
Downloading Packages:
openstack-packstack-2013.1.1-0.29.dev683.el6.noarch.rpm | 602 kB 00:04
warning: rpmts_HdrFromFdno: Header V4 RSA/SHA1 Signature, key ID d97b3247: NOKEY
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-RDO-Grizzly
Importing GPG key 0xD97B3247:
Userid : rdo-grizzly-sign <rdo-info@redhat.com>
Package: rdo-release-grizzly-3.noarch (@/rdo-release-grizzly-3.noarch)
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-RDO-Grizzly
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : openstack-packstack-2013.1.1-0.29.dev683.el6.noarch 1/1
Verifying : openstack-packstack-2013.1.1-0.29.dev683.el6.noarch 1/1

Installed:
openstack-packstack.noarch 0:2013.1.1-0.29.dev683.el6

Complete!

10. Now, lets check new packages available on repos if any.
(root)#yum check-update
Loaded plugins: product-id, subscription-manager
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.

iproute.x86_64 2.6.32-130.el6ost.netns.2 openstack-grizzly
iputils.x86_64 20071127-17.el6_4 openstack-grizzly
kernel.x86_64 2.6.32-358.123.2.openstack.el6 openstack-grizzly
kernel-firmware.noarch 2.6.32-358.123.2.openstack.el6 openstack-grizzly

11. Update packages. It may take some time to download new packages depending on connection speed etc.
(root)#yum update -y

[Edit]After updating packages, puppet will be upgraded to newer version. Due to a bug, you need to downgrade puppet package to older version.

[root@openstackserver packages]# yum downgrade puppet-3.3.2-1.el6.noarch

12. Install OpenStack Grizzly on RHEL 6.4. During installation, installer will download missing packages from repositories. so it may take some time to install.
If you want to download all necessary packages prior to installing Open Stack, you can see list of all available packages(at the end of this post) after installation is completed.
You may download these packages to avoid downloading every time you install Open Stack
(root)#packstack –allinone
Clean Up… [ DONE ]
Adding pre install manifest entries… [ DONE ]
Setting up ssh keys…root@192.168.1.10’s password:
[ DONE ]
Adding MySQL manifest entries… [ DONE ]
Adding QPID manifest entries… [ DONE ]
Adding Keystone manifest entries… [ DONE ]
Adding Glance Keystone manifest entries… [ DONE ]
Adding Glance manifest entries… [ DONE ]
Adding Cinder Keystone manifest entries… [ DONE ]
Installing dependencies for Cinder… [ DONE ]
Checking if the Cinder server has a cinder-volumes vg…[ DONE ]
Adding Cinder manifest entries… [ DONE ]
Adding Nova API manifest entries… [ DONE ]
Adding Nova Keystone manifest entries… [ DONE ]
Adding Nova Cert manifest entries… [ DONE ]
Adding Nova Conductor manifest entries… [ DONE ]
Adding Nova Compute manifest entries… [ DONE ]
Adding Nova Scheduler manifest entries… [ DONE ]
Adding Nova VNC Proxy manifest entries… [ DONE ]
Adding Nova Common manifest entries… [ DONE ]
Adding Openstack Network-related Nova manifest entries…[ DONE ]
Adding Quantum API manifest entries… [ DONE ]
Adding Quantum Keystone manifest entries… [ DONE ]
Adding Quantum L3 manifest entries… [ DONE ]
Adding Quantum L2 Agent manifest entries… [ DONE ]
Adding Quantum DHCP Agent manifest entries… [ DONE ]
Adding Quantum Metadata Agent manifest entries… [ DONE ]
Adding OpenStack Client manifest entries… [ DONE ]
Adding Horizon manifest entries… [ DONE ]
Adding Swift Keystone manifest entries… [ DONE ]
Adding Swift builder manifest entries… [ DONE ]
Adding Swift proxy manifest entries… [ DONE ]
Adding Swift storage manifest entries… [ DONE ]
Adding Swift common manifest entries… [ DONE ]
Preparing servers… [ DONE ]
Adding post install manifest entries… [ DONE ]
Installing Dependencies… [ DONE ]
Copying Puppet modules and manifests… [ DONE ]
Applying Puppet manifests…
Applying 192.168.1.10_prescript.pp
192.168.1.10_prescript.pp : [ DONE ]
Applying 192.168.1.10_mysql.pp
Applying 192.168.1.10_qpid.pp
192.168.1.10_mysql.pp : [ DONE ]
192.168.1.10_qpid.pp : [ DONE ]
Applying 192.168.1.10_keystone.pp
Applying 192.168.1.10_glance.pp
Applying 192.168.1.10_cinder.pp
192.168.1.10_keystone.pp : [ DONE ]
192.168.1.10_glance.pp : [ DONE ]
192.168.1.10_cinder.pp : [ DONE ]
Applying 192.168.1.10_api_nova.pp
192.168.1.10_api_nova.pp : [ DONE ]
Applying 192.168.1.10_nova.pp
192.168.1.10_nova.pp : [ DONE ]
Applying 192.168.1.10_quantum.pp
192.168.1.10_quantum.pp : [ DONE ]
Applying 192.168.1.10_osclient.pp
Applying 192.168.1.10_horizon.pp
192.168.1.10_osclient.pp : [ DONE ]
192.168.1.10_horizon.pp : [ DONE ]
Applying 192.168.1.10_ring_swift.pp
192.168.1.10_ring_swift.pp : [ DONE ]
Applying 192.168.1.10_swift.pp
192.168.1.10_swift.pp : [ DONE ]
Applying 192.168.1.10_postscript.pp
192.168.1.10_postscript.pp : [ DONE ]
[ DONE ]

**** Installation completed successfully ******

Additional information:
* Time synchronization installation was skipped. Please note that unsynchronized time on server instances might be problem for some OpenStack components.
* To use the command line tools you need to source the file /root/keystonerc_admin created on 192.168.1.10
* To use the console, browse to http://192.168.1.10/dashboard
* The installation log file is available at: /var/tmp/packstack/20131022-174839-CvBnm3/openstack-setup.log

List of installed packages on the system after Open Stack Grizzly Installation
# rpm -qa

nagios-3.5.1-1.el6.x86_64
ipw2200-firmware-3.1-4.el6.noarch
tzdata-2012j-1.el6.noarch
puppet-3.3.1-1.el6.noarch
gpg-pubkey-d97b3247-51641266
glibc-common-2.12-1.107.el6.x86_64
qpid-cpp-server-0.14-22.el6_3.x86_64
perl-Module-Pluggable-3.90-129.el6.x86_64
bash-4.1.2-14.el6.x86_64
nagios-plugins-nrpe-2.14-3.el6.x86_64
python-iso8601-0.1.4-2.el6.noarch
info-4.13a-8.el6.x86_64
bridge-utils-1.2-10.el6.x86_64
MySQL-python-1.2.3-0.3.c1.1.el6.x86_64
libcom_err-1.41.12-14.el6.x86_64
tuned-0.2.19-11.el6.noarch
python-routes1.12-1.12.3-4.el6.noarch
libsepol-2.0.41-4.el6.x86_64
iproute-2.6.32-130.el6ost.netns.2.x86_64
Django14-1.4.8-1.el6.noarch
shadow-utils-4.1.4.2-13.el6.x86_64
python-swiftclient-1.4.0-1.el6.noarch
dbus-libs-1.2.24-7.el6_3.x86_64
python-amqplib-0.6.1-2.el6.noarch
xz-libs-4.999.9-0.3.beta.20091007git.el6.x86_64
python-anyjson-0.3.1-1.el6.noarch
libidn-1.18-2.el6.x86_64
python-kombu-1.1.3-1.el6.noarch
expat-2.0.1-11.el6_2.x86_64
perl-hivex-1.3.3-4.2.el6.x86_64
grep-2.6.3-3.el6.x86_64
rsync-3.0.6-9.el6.x86_64
elfutils-libelf-0.152-1.el6.x86_64
libaio-0.3.107-10.el6.x86_64
libselinux-utils-2.0.94-5.3.el6.x86_64
python-ldap-2.3.10-1.el6.x86_64
libedit-2.11-4.20080712cvs.1.el6.x86_64
fuse-libs-2.8.3-4.el6.x86_64
libnl-1.1-14.el6.x86_64
python-keyring-0.7-1.el6.noarch
device-mapper-persistent-data-0.1.4-1.el6.x86_64
python-ordereddict-1.1-2.el6.noarch
gmp-4.3.1-7.el6_2.2.x86_64
python-crypto-2.0.1-22.el6.x86_64
libgudev1-147-2.46.el6.x86_64
libpng-1.2.49-1.el6_2.x86_64
MAKEDEV-3.24-6.el6.x86_64
gnutls-2.8.5-10.el6.x86_64
tar-1.23-11.el6.x86_64
python-quantumclient-2.2.1-2.el6.noarch
pinentry-0.7.6-6.el6.x86_64
netcf-libs-0.1.9-3.el6.x86_64
which-2.19-6.el6.x86_64
php-cli-5.3.3-22.el6.x86_64
less-436-10.el6.x86_64
rpcbind-0.2.0-11.el6.x86_64
cracklib-dicts-2.8.16-4.el6.x86_64
celt051-0.5.1.3-0.el6.x86_64
hwdata-0.233-7.9.el6.noarch
python-nose-0.10.4-3.1.el6.noarch
logrotate-3.7.8-16.el6.x86_64
perl-Config-General-2.44-1.el6.noarch
nss-tools-3.14.0.0-12.el6.x86_64
fuse-2.8.3-4.el6.x86_64
ethtool-3.5-1.el6.x86_64
mailcap-2.1.31-2.el6.noarch
openssl-1.0.0-27.el6.x86_64
scrub-2.2-1.el6.x86_64
gpgme-1.1.8-3.el6.x86_64
python-paste-deploy1.5-1.5.0-5.el6.noarch
bind-libs-9.8.2-0.17.rc1.el6.x86_64
mailx-12.4-6.el6.x86_64
ustr-1.0.4-9.1.el6.x86_64
python-beaker-1.3.1-6.el6.noarch
gdbm-1.8.0-36.el6.x86_64
libsysfs-2.1.0-7.el6.x86_64
python-iniparse-0.3.1-2.1.el6.noarch
python-cheetah-2.4.1-1.el6.x86_64
python-ethtool-0.6-3.el6.x86_64
python-suds-0.4.1-3.el6.noarch
libxml2-python-2.7.6-8.el6_3.4.x86_64
polkit-0.96-2.el6_0.1.x86_64
python-dateutil-1.4.1-6.el6.noarch
hal-info-20090716-3.1.el6.noarch
python-urlgrabber-3.9.1-8.el6.noarch
ruby-rgen-0.6.5-1.el6.noarch
rhn-client-tools-1.0.0.1-4.el6.noarch
rubygems-1.8.16-1.el6.noarch
redhat-release-server-6Server-6.4.0.4.el6.x86_64
ruby-shadow-1.4.1-13.el6.x86_64
sg3_utils-libs-1.28-4.el6.x86_64
device-mapper-libs-1.02.77-9.el6.x86_64
libXau-1.0.6-4.el6.x86_64
device-mapper-event-1.02.77-9.el6.x86_64
keyutils-1.4-4.el6.x86_64
kbd-1.15-11.el6.x86_64
python-netifaces-0.5-1.el6.x86_64
ntpdate-4.2.4p8-3.el6.x86_64
python-boto-2.13.3-1.el6.noarch
cronie-anacron-1.4.4-7.el6.x86_64
python-versiontools-1.9.1-3.el6.noarch
rhnsd-4.9.3-2.el6.x86_64
python-decorator-3.0.1-3.1.el6.noarch
iptables-ipv6-1.4.7-9.el6.x86_64
python-configobj-4.6.0-3.el6.noarch
kernel-2.6.32-358.el6.x86_64
libvirt-client-0.10.2-18.el6.x86_64
subscription-manager-1.1.23-1.el6.x86_64
libX11-1.5.0-4.el6.x86_64
openssh-clients-5.3p1-84.1.el6.x86_64
pulseaudio-libs-0.9.21-14.el6_3.x86_64
iwl100-firmware-39.31.5.1-1.el6.noarch
python-six-1.1.0-2.el6.noarch
aic94xx-firmware-30-2.el6.noarch
python-glanceclient-0.9.0-3.el6.noarch
authconfig-6.1.12-13.el6.x86_64
python-markupsafe-0.9.2-4.el6.x86_64
man-1.6f-32.el6.x86_64
python-tempita-0.4-2.el6.noarch
at-3.1.10-43.el6_2.1.x86_64
python-glance-2013.1.3-1.el6.noarch
dbus-1.2.24-7.el6_3.x86_64
usbredir-0.5.1-1.el6.x86_64
lsof-4.82-4.el6.x86_64
libvirt-0.10.2-18.el6.x86_64
traceroute-2.0.14-2.el6.x86_64
python-libguestfs-1.16.34-2.el6.x86_64
iwl5000-firmware-8.83.5.1_1-1.el6_1.1.noarch
openstack-nova-api-2013.1.3-2.el6.noarch
xorg-x11-drv-ati-firmware-6.99.99-1.el6.noarch
openstack-nova-novncproxy-2013.1.3-2.el6.noarch
iwl4965-firmware-228.61.2.24-2.1.el6.noarch
openstack-keystone-2013.1.3-2.el6.noarch
rt73usb-firmware-1.8-7.el6.noarch
libgcc-4.4.7-3.el6.x86_64
ql23xx-firmware-3.03.27-3.1.el6.noarch
filesystem-2.4.30-3.el6.x86_64
rootfiles-8.1-6.1.el6.noarch
basesystem-10.0-4.el6.noarch
rdo-release-grizzly-3.noarch
ncurses-base-5.7-3.20090208.el6.x86_64
perl-Pod-Escapes-1.04-129.el6.x86_64
nss-softokn-freebl-3.12.9-11.el6.x86_64
perl-version-0.77-129.el6.x86_64
ncurses-libs-5.7-3.20090208.el6.x86_64
perl-Pod-Simple-3.13-129.el6.x86_64
libattr-2.4.44-7.el6.x86_64
python-setuptools-0.6.10-3.el6.noarch
zlib-1.2.3-29.el6.x86_64
python-webob-1.2.3-4.el6.noarch
audit-libs-2.2-2.el6.x86_64
python-prettytable-0.6.1-1.el6.noarch
chkconfig-1.3.49.3-2.el6.x86_64
python-argparse-1.2.1-2.el6.noarch
libacl-2.2.49-6.el6.x86_64
python-httplib2-0.7.7-1.el6.noarch
nspr-4.9.2-1.el6.x86_64
python-greenlet-0.3.1-12.el6.x86_64
libselinux-2.0.94-5.3.el6.x86_64
iputils-20071127-17.el6_4.x86_64
libgssglue-0.1-11.el6.x86_64
gamin-0.1.10-9.el6.x86_64
libogg-1.1.4-2.1.el6.x86_64
sed-4.2.1-10.el6.x86_64
python-websockify-0.4.1-1.el6.noarch
readline-6.0-4.el6.x86_64
apr-1.3.9-5.el6_2.x86_64
bzip2-libs-1.0.5-7.el6_0.x86_64
nagios-common-3.5.1-1.el6.x86_64
libudev-147-2.46.el6.x86_64
augeas-libs-0.9.0-4.el6.x86_64
libstdc++-4.4.7-3.el6.x86_64
python-netaddr-0.7.5-4.el6.noarch
cyrus-sasl-lib-2.1.23-13.el6_3.1.x86_64
libjpeg-turbo-1.2.1-1.el6.x86_64
gawk-3.1.7-10.el6.x86_64
numactl-2.0.7-6.el6.x86_64
tcp_wrappers-libs-7.6-57.el6.x86_64
nagios-plugins-1.4.16-5.el6.x86_64
libuuid-2.17.2-12.9.el6.x86_64
libtirpc-0.2.1-5.el6.x86_64
pcre-7.8-6.el6.x86_64
hivex-1.3.3-4.2.el6.x86_64
bzip2-1.0.5-7.el6_0.x86_64
libICE-1.0.6-1.el6.x86_64
findutils-4.4.2-6.el6.x86_64
freetype-2.3.11-6.el6_2.9.x86_64
libgpg-error-1.7-4.el6.x86_64
dnsmasq-2.48-13.el6.x86_64
psmisc-22.6-15.el6_0.1.x86_64
lzo-2.03-3.1.el6.x86_64
checkpolicy-2.0.22-1.el6.x86_64
libibverbs-1.1.6-5.el6.x86_64
cpio-2.10-11.el6_3.x86_64
python-memcached-1.43-6.el6.noarch
libcap-ng-0.6.4-3.el6_0.1.x86_64
libgfortran-4.4.7-3.el6.x86_64
sysvinit-tools-2.87-4.dsf.el6.x86_64
libpcap-1.0.0-6.20091201git117cb5.el6.x86_64
pth-2.0.7-9.3.el6.x86_64
libcgroup-0.37-7.el6.x86_64
grubby-7.0.15-3.el6.x86_64
libxslt-1.1.26-2.el6_3.1.x86_64
tcp_wrappers-7.6-57.el6.x86_64
python-jsonschema-1.3.0-1.el6.noarch
nss-softokn-3.12.9-11.el6.x86_64
iscsi-initiator-utils-6.2.0.873-2.el6.x86_64
libusb-0.1.12-23.el6.x86_64
pyxattr-0.5.0-1.el6.x86_64
xz-lzma-compat-4.999.9-0.3.beta.20091007git.el6.x86_64
python-paramiko-1.7.5-2.1.el6.noarch
libnih-1.0.1-7.el6.x86_64
boost-filesystem-1.41.0-11.el6_1.2.x86_64
libutempter-1.1.5-4.1.el6.x86_64
cryptsetup-luks-libs-1.2.0-7.el6.x86_64
vim-minimal-7.2.411-1.8.el6.x86_64
libtasn1-2.3-3.el6_2.1.x86_64
net-tools-1.60-110.el6_2.x86_64
pyparsing-1.5.6-1.el6.noarch
db4-utils-4.7.25-17.el6.x86_64
python-cliff-1.4.4-1.el6.noarch
e2fsprogs-1.41.12-14.el6.x86_64
gnutls-utils-2.8.5-10.el6.x86_64
diffutils-2.8.1-28.el6.x86_64
python-warlock-0.4.0-2.el6.noarch
m4-1.4.13-5.el6.x86_64
numad-0.5-8.20121015git.el6.x86_64
dash-0.5.5.1-4.el6.x86_64
librdmacm-1.0.17-0.git4b5c1aa.el6.x86_64
groff-1.18.1.4-21.el6.x86_64
fontconfig-2.8.0-3.el6.x86_64
coreutils-libs-8.4-19.el6.x86_64
perl-DBD-MySQL-4.013-3.el6.x86_64
cracklib-2.8.16-4.el6.x86_64
apr-util-ldap-1.3.9-3.el6_0.1.x86_64
coreutils-8.4-19.el6.x86_64
novnc-0.4-8.el6.noarch
module-init-tools-3.9-21.el6.x86_64
flac-1.2.1-6.1.el6.x86_64
redhat-logos-60.0.14-1.el6.noarch
libsndfile-1.0.20-5.el6.x86_64
libpciaccess-0.13.1-2.el6.x86_64
python-pygments-1.1.1-1.el6.noarch
alsa-lib-1.0.22-3.el6.x86_64
ebtables-2.0.9-6.el6.x86_64
nss-sysinit-3.14.0.0-12.el6.x86_64
cvs-1.11.23-15.el6.x86_64
openldap-2.4.23-31.el6.x86_64
kernel-2.6.32-358.123.2.openstack.el6.x86_64
passwd-0.77-4.el6_2.2.x86_64
openvswitch-1.11.0_8ce28d-1.el6ost.x86_64
mingetty-1.08-5.el6.x86_64
cyrus-sasl-md5-2.1.23-13.el6_3.1.x86_64
krb5-libs-1.10.3-10.el6.x86_64
httpd-2.2.15-26.el6.x86_64
libssh2-1.4.2-1.el6.x86_64
mod_wsgi-3.2-3.el6.x86_64
gnupg2-2.0.14-4.el6.x86_64
ConsoleKit-libs-0.4.1-3.el6.x86_64
curl-7.19.7-35.el6.x86_64
python-paste-1.7.4-2.el6.noarch
rpm-4.8.0-32.el6.x86_64
crudini-0.3-2.el6.noarch
mysql-libs-5.1.66-2.el6_3.x86_64
fipscheck-1.2.0-7.el6.x86_64
libsemanage-2.0.43-4.2.el6.x86_64
newt-0.52.11-3.el6.x86_64
libffi-3.0.5-3.2.el6.x86_64
python-2.6.6-36.el6.x86_64
newt-python-0.52.11-3.el6.x86_64
python-simplejson-2.0.9-3.1.el6.x86_64
pygobject2-2.20.0-5.el6.x86_64
m2crypto-0.20.2-9.el6.x86_64
python-dmidecode-3.10.13-1.el6.x86_64
python-gudev-147.1-4.el6_0.1.x86_64
yum-metadata-parser-1.1.2-16.el6.x86_64
python-pycurl-7.19.0-8.el6.x86_64
yum-3.2.29-40.el6.noarch
rhnlib-2.5.22-12.el6.noarch
dmidecode-2.11-2.el6.x86_64
kbd-misc-1.15-11.el6.noarch
policycoreutils-2.0.83-19.30.el6.x86_64
util-linux-ng-2.17.2-12.9.el6.x86_64
udev-147-2.46.el6.x86_64
device-mapper-1.02.77-9.el6.x86_64
openssh-5.3p1-84.1.el6.x86_64
lvm2-libs-2.02.98-9.el6.x86_64
plymouth-0.8.3-27.el6.x86_64
dracut-004-303.el6.noarch
rsyslog-5.8.10-6.el6.x86_64
cyrus-sasl-2.1.23-13.el6_3.1.x86_64
crontabs-1.10-33.el6.noarch
cronie-1.4.4-7.el6.x86_64
usermode-1.102-3.el6.x86_64
rhn-setup-1.0.0.1-4.el6.noarch
rhn-check-1.0.0.1-4.el6.noarch
dhclient-4.1.1-34.P1.el6.x86_64
system-config-firewall-base-1.2.27-5.el6.noarch
ntp-4.2.4p8-3.el6.x86_64
openssh-server-5.3p1-84.1.el6.x86_64
parted-2.1-19.el6.x86_64
iwl5150-firmware-8.24.2.2-1.el6.noarch
iwl6050-firmware-41.28.5.1-2.el6.noarch
iwl6000g2a-firmware-17.168.5.3-1.el6.noarch
iwl6000-firmware-9.221.4.1-1.el6.noarch
quota-3.17-18.el6.x86_64
grub-0.97-81.el6.x86_64
bind-utils-9.8.2-0.17.rc1.el6.x86_64
sudo-1.8.6p3-7.el6.x86_64
pciutils-3.1.10-2.el6.x86_64
audit-2.2-2.el6.x86_64
efibootmgr-0.5.4-10.el6.x86_64
tmpwatch-2.9.16-4.el6.x86_64
bc-1.06.95-1.el6.x86_64
acl-2.2.49-6.el6.x86_64
attr-2.4.44-7.el6.x86_64
setserial-2.17-25.el6.x86_64
ql2400-firmware-5.08.00-1.el6.noarch
ql2100-firmware-1.19.38-3.1.el6.noarch
libertas-usb8388-firmware-5.110.22.p23-3.1.el6.noarch
ql2500-firmware-5.08.00-1.el6.noarch
zd1211-firmware-1.4-4.el6.noarch
rt61pci-firmware-1.2-7.el6.noarch
ql2200-firmware-2.02.08-3.1.el6.noarch
openstack-swift-proxy-1.8.0-2.el6.noarch
openstack-swift-object-1.8.0-2.el6.noarch
openstack-swift-container-1.8.0-2.el6.noarch
openstack-selinux-0.1.2-11.el6.noarch
numpy-1.4.1-9.el6.x86_64
memcached-1.4.4-3.el6.x86_64
nagios-plugins-ping-1.4.16-5.el6.x86_64
nrpe-2.14-3.el6.x86_64
xinetd-2.3.14-38.el6.x86_64
wget-1.12-1.8.el6.x86_64
epel-release-6-8.noarch
dnsmasq-utils-2.48-13.el6.x86_64
python-passlib-1.5.3-1.el6.noarch
python-backports-1.0-3.el6.x86_64
pixman-0.26.2-4.el6.x86_64
selinux-policy-3.7.19-195.el6_4.12.noarch
febootstrap-supermin-helper-3.12-2.el6.x86_64
sysfsutils-2.1.0-7.el6.x86_64
python-markdown-2.0.1-3.1.el6.noarch
pysendfile-2.0.0-3.el6.x86_64
hal-libs-0.5.14-11.el6.x86_64
sgabios-bin-0-0.3.20110621svn.el6.noarch
ConsoleKit-0.4.1-3.el6.x86_64
hdparm-9.16-3.4.el6.x86_64
hal-0.5.14-11.el6.x86_64
compat-readline5-5.2-17.1.el6.x86_64
ruby-1.8.7.352-7.el6_2.x86_64
facter-1.7.3-1.el6.x86_64
ruby-rdoc-1.8.7.352-7.el6_2.x86_64
rubygem-json-1.5.5-1.el6.x86_64
ruby-augeas-0.4.1-1.el6.x86_64
saslwrapper-0.14-1.el6.x86_64
python-qpid-0.14-11.el6_3.noarch
sg3_utils-1.28-4.el6.x86_64
python-sqlalchemy-0.5.5-3.el6_2.noarch
libxcb-1.8.1-1.el6.x86_64
spice-server-0.12.0-12.el6.x86_64
nfs-utils-lib-1.1.5-6.el6.x86_64
PyPAM-0.5.0-12.el6.x86_64
radvd-1.6-1.el6.x86_64
mdadm-3.2.5-4.el6.x86_64
tunctl-1.5-3.el6.x86_64
genisoimage-1.1.9-12.el6.x86_64
python-django-compressor-1.2-4.el6.noarch
libselinux-ruby-2.0.94-5.3.el6.x86_64
seabios-0.6.1.2-26.el6.x86_64
gettext-0.17-16.el6.x86_64
openstack-swift-plugin-swift3-1.0.0-0.20120711git.el6.noarch
nc-1.84-22.el6.x86_64
libvirt-python-0.10.2-18.el6.x86_64
libX11-common-1.5.0-4.el6.noarch
libXext-1.3.1-2.el6.x86_64
libXtst-1.2.1-2.el6.x86_64
libXpm-3.5.10-2.el6.x86_64
vgabios-0.6b-3.7.el6.noarch
python-urllib3-1.5-5.el6.noarch
python-keystoneclient-0.2.3-7.el6.noarch
python-novaclient-2.13.0-1.el6.noarch
python-django-openstack-auth-1.0.7-1.el6.noarch
python-mako-0.5.0-5.el6.noarch
python-quantum-2013.1.3-1.el6.noarch
python-migrate-0.6-6.el6.noarch
openstack-quantum-2013.1.3-1.el6.noarch
python-nova-2013.1.3-2.el6.noarch
libusb1-1.0.9-0.6.rc1.el6.x86_64
qemu-img-0.12.1.2-2.355.el6.x86_64
python-cinder-2013.1.3-1.el6.noarch
libconfig-1.3.2-1.1.el6.x86_64
libguestfs-1.16.34-2.el6.x86_64
libguestfs-tools-c-1.16.34-2.el6.x86_64
openstack-cinder-2013.1.3-1.el6.noarch
openstack-nova-conductor-2013.1.3-2.el6.noarch
openstack-nova-cert-2013.1.3-2.el6.noarch
openstack-nova-scheduler-2013.1.3-2.el6.noarch
openstack-quantum-openvswitch-2013.1.3-1.el6.noarch
openstack-dashboard-2013.1.3-1.el6.noarch
ipw2100-firmware-1.3-11.el6.noarch
setup-2.8.14-20.el6.noarch
openstack-swift-account-1.8.0-2.el6.noarch
puppetlabs-release-6-7.noarch
ca-certificates-2010.63-3.el6_1.5.noarch
mysql-server-5.1.66-2.el6_3.x86_64
perl-libs-5.10.1-129.el6.x86_64
glibc-2.12-1.107.el6.x86_64
nmap-5.51-2.el6.x86_64
perl-5.10.1-129.el6.x86_64
libcap-2.16-5.5.el6.x86_64
yum-utils-1.1.30-14.el6.noarch
python-sqlalchemy0.7-0.7.8-1.el6.x86_64
popt-1.13-7.el6.x86_64
openstack-packstack-2013.1.1-0.29.dev683.el6.noarch
python-oslo-config-1.1.0-1.el6.noarch
db4-4.7.25-17.el6.x86_64
yum-plugin-downloadonly-1.1.30-14.el6.noarch
python-eventlet-0.9.17-2.el6.noarch
glib2-2.22.5-7.el6.x86_64
python-cinderclient-1.0.4-1.el6.noarch
nss-util-3.14.0.0-2.el6.x86_64
apr-util-1.3.9-3.el6_0.1.x86_64
libxml2-2.7.6-8.el6_3.4.x86_64
avahi-libs-0.6.25-12.el6.x86_64
sqlite-3.6.20-1.el6.x86_64
yajl-1.0.7-3.el6.x86_64
file-libs-5.04-15.el6.x86_64
python-django-appconf-0.5-3.el6.noarch
libblkid-2.17.2-12.9.el6.x86_64
perl-DBI-1.609-4.el6.x86_64
lua-5.1.4-4.1.el6.x86_64
php-common-5.3.3-22.el6.x86_64
dbus-glib-0.86-5.el6.x86_64
lzop-1.02-0.9.rc1.el6.x86_64
e2fsprogs-libs-1.41.12-14.el6.x86_64
boost-program-options-1.41.0-11.el6_1.2.x86_64
pciutils-libs-3.1.10-2.el6.x86_64
libevent-1.4.13-4.el6.x86_64
libgcrypt-1.4.5-9.el6_2.2.x86_64
python-lxml-2.2.3-1.1.el6.x86_64
file-5.04-15.el6.x86_64
python-stevedore-0.11-1.el6.noarch
xz-4.999.9-0.3.beta.20091007git.el6.x86_64
boost-system-1.41.0-11.el6_1.2.x86_64
upstart-0.6.5-12.el6.x86_64
cryptsetup-luks-1.2.0-7.el6.x86_64
procps-3.2.8-25.el6.x86_64
python-cmd2-0.6.4-7.el6.noarch
libss-1.41.12-14.el6.x86_64
qpid-cpp-client-0.14-22.el6_3.x86_64
binutils-2.20.51.0.2-5.36.el6.x86_64
atlas-3.8.4-2.el6.x86_64
ncurses-5.7-3.20090208.el6.x86_64
libSM-1.2.1-2.el6.x86_64
gzip-1.3.12-18.el6.x86_64
httpd-tools-2.2.15-26.el6.x86_64
pam-1.1.1-13.el6.x86_64
libvorbis-1.2.3-4.el6_2.1.x86_64
plymouth-scripts-0.8.3-27.el6.x86_64
mysql-5.1.66-2.el6_3.x86_64
nss-3.14.0.0-12.el6.x86_64
kernel-firmware-2.6.32-358.123.2.openstack.el6.noarch
libuser-0.56.13-5.el6.x86_64
pytz-2010h-2.el6.noarch
keyutils-libs-1.4-4.el6.x86_64
php-5.3.3-22.el6.x86_64
libcurl-7.19.7-35.el6.x86_64
strace-4.5.19-1.17.el6.x86_64
rpm-libs-4.8.0-32.el6.x86_64
openstack-utils-2013.2-1.el6.1.noarch
fipscheck-lib-1.2.0-7.el6.x86_64
python-backports-ssl_match_hostname-3.2-0.5.a3.el6.noarch
slang-2.2.1-1.el6.x86_64
selinux-policy-targeted-3.7.19-195.el6_4.12.noarch
python-libs-2.6.6-36.el6.x86_64
python-chardet-2.0.1-1.el6.noarch
rpm-python-4.8.0-32.el6.x86_64
vconfig-1.9-8.1.el6.x86_64
dbus-python-0.83.0-6.1.el6.x86_64
eggdbus-0.6-3.el6.x86_64
python-rhsm-1.1.8-1.el6.x86_64
pm-utils-1.2.5-10.el6.x86_64
pygpgme-0.1-18.20090824bzr68.el6.x86_64
ruby-libs-1.8.7.352-7.el6_2.x86_64
pyOpenSSL-0.10-2.el6.x86_64
ruby-irb-1.8.7.352-7.el6_2.x86_64
plymouth-core-libs-0.8.3-27.el6.x86_64
hiera-1.2.1-1.el6.noarch
iptables-1.4.7-9.el6.x86_64
python-saslwrapper-0.14-1.el6.x86_64
initscripts-9.03.38-1.el6.x86_64
scsi-target-utils-1.0.24-2.el6.x86_64
device-mapper-event-libs-1.02.77-9.el6.x86_64
pkgconfig-0.23-9.1.el6.x86_64
libdrm-2.4.39-1.el6.x86_64
nfs-utils-1.2.3-36.el6.x86_64
dracut-kernel-004-303.el6.noarch
gpxe-roms-qemu-0.9.7-6.9.el6.noarch
postfix-2.6.6-2.2.el6_1.x86_64
btrfs-progs-0.20-0.2.git91d9eec.el6.x86_64
virt-what-1.11-1.2.el6.x86_64
libasyncns-0.8-1.1.el6.x86_64
yum-rhn-plugin-0.9.1-43.el6.noarch
libgomp-4.4.7-3.el6.x86_64
dhcp-common-4.1.1-34.P1.el6.x86_64
openstack-swift-1.8.0-2.el6.noarch
python-pyasn1-0.0.12a-1.el6.noarch
lvm2-2.02.98-9.el6.x86_64
libXi-1.6.1-3.el6.x86_64
bfa-firmware-3.0.3.1-1.el6.noarch
gd-2.0.35-11.el6.x86_64
b43-openfwwf-5.2-4.el6.noarch
python-requests-1.1.0-4.el6.noarch
iwl1000-firmware-39.31.5.1-1.el6.noarch
python-django-horizon-2013.1.3-1.el6.noarch
ntsysv-1.3.49.3-2.el6.x86_64
python-alembic-0.4.2-3.el6.noarch
alsa-utils-1.0.22-5.el6.x86_64
python-keystone-2013.1.3-2.el6.noarch
psacct-6.3.2-63.el6_3.3.x86_64
openstack-nova-common-2013.1.3-2.el6.noarch
cyrus-sasl-plain-2.1.23-13.el6_3.1.x86_64
qemu-kvm-0.12.1.2-2.355.el6.x86_64
ed-1.1-3.3.el6.x86_64
dosfstools-3.0.9-4.el6.x86_64
redhat-indexhtml-6-1.el6.noarch
openstack-nova-compute-2013.1.3-2.el6.noarch
ivtv-firmware-20080701-20.2.noarch
openstack-nova-console-2013.1.3-2.el6.noarch
atmel-firmware-1.3-7.el6.noarch
openstack-glance-2013.1.3-1.el6.noarch
iwl3945-firmware-15.32.2.9-4.el6.noarch

Oct
30

How to add an image via Glance in OpenStack Grizzly on RHEL 6.4

To add an image on local disks via glance via command prompt to Open Stack on RHEL 6.4;

If you want to add via “admin” user then;
[root@openstackserver ~(keystone_admin)]# pwd
/root
[root@openstackserver ~]# source keystonerc_admin

Here I will add an Ubuntu “precise” image.
[root@openstackserver ~(keystone_admin)]# glance image-create —name precise —disk-format=qcow2 —container-format=bare < /root/precise-server-cloudimg-amd64-disk1.img
+——————+————————————–+
| Property | Value |
+——————+————————————–+
| checksum | bf3013a09073b8fe56404a8997ac9a6a |
| container_format | bare |
| created_at | 2013-10-22T15:06:11 |
| deleted | False |
| deleted_at | None |
| disk_format | qcow2 |
| id | 8e73e87f-bc28-4c2e-9955-a9144f924f29 |
| is_public | False |
| min_disk | 0 |
| min_ram | 0 |
| name | precise |
| owner | d33828e242c542ac8ab81d7c258e12ce |
| protected | False |
| size | 253952000 |
| status | active |
| updated_at | 2013-10-22T15:06:12 |
+——————+————————————–+

now lets check the image is added
[root@openstackserver ~(keystone_admin)]# glance image-list
+————————————–+———+————-+——————+———–+——–+
| ID | Name | Disk Format | Container Format | Size | Status |
+————————————–+———+————-+——————+———–+——–+
| 8e73e87f-bc28-4c2e-9955-a9144f924f29 | precise | qcow2 | bare | 253952000 | active |
+————————————–+———+————-+——————+———–+——–+

 October 30th, 2013  
 mehmet.alatas  
 RedHat 6.4  
 , , , , , ,   
 0 Comment
Apr
11

How to kill processes of a user on Red Hat

if you wanto kill all processes those belongs to “mehmet” user;

#pkill -u mehmet

root, for sure, can do that. if a user has necessary rights, that user also can kill these processes.

 

 April 11th, 2013  
 mehmet.alatas  
 RedHat 6.0, RedHat 6.2  
 , , ,   
 0 Comment
Mar
16

How to create self-signed SSL Certificates for Apache Web Server on RedHat 6.x

First of all, you must have Apache Web Server(httpd) installed on Red Hat

if you havent installed,yet, use YUM to install(yum install httpd). also, you need to install mod_ssl(yum install mod_ssl)

If you dont know how to create YUM repository to install package, please check out this

1. login as root user and go to /root directory where we will save certificate and private key.

[root@apachessl /]# cd /root

2. Firstly, we will create private key for Apache Web Server. It will ask you to enter passphrase which you will need in coming steps. I will use “redhathowto.com”

[root@apachessl ~]# openssl genrsa -aes256 -out redhathowto.key 4096

Generating RSA private key, 4096 bit long modulus
….++
……..++
e is 65537 (0x10001)
Enter pass phrase for redhathowto.key:redhathowto.com
Verifying – Enter pass phrase for redhathowto.key:redhathowto.com

3. Now, we will generate CSR(Certificate Sign Request) which is holding signature of your server and some data shown to visitors. If you want your certificate to be signed by signing authority such as Thawte,VeriSign etc. you will send this file to Signing Authority to sign your certificate.

[root@apachessl ~]# openssl req -new -key redhathowto.key -out redhathowto.csr
Enter pass phrase for redhathowto.key:redhathowto.com
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ‘.’, the field will be left blank.
—–
Country Name (2 letter code) [XX]:TR
State or Province Name (full name) []:Marmara
Locality Name (eg, city) [Default City]:Istanbul
Organization Name (eg, company) [Default Company Ltd]:RedHatHowTo.com
Organizational Unit Name (eg, section) []:RedHatHowTo.com OU
Common Name (eg, your name or your server’s hostname) []:apachessl
Email Address []:mehmet.alatas@redhathowto.com

Please enter the following ‘extra’ attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
[root@apachessl ~]# ls -l
-rw-r–r–. 1 root root 1789 Mar 16 22:45 redhathowto.csr
-rw-r–r–. 1 root root 3326 Mar 16 22:35 redhathowto.key

4. we have created private key and CSR files. Now, time to create certificate for Apache Web Server

[root@apachessl ~]# openssl x509 -req -days 365 -in redhathowto.csr -signkey redhathowto.key -out redhathowto.crt

Signature ok
subject=/C=TR/ST=Marmara/L=Istanbul/O=RedHatHowTo.com/OU=RedHatHowTo.com OU/CN=apachessl/emailAddress=mehmet.alatas@redhathowto.com
Getting Private key
Enter pass phrase for redhathowto.key:redhathowto.com

5. Now, we have one private key and one certificate(if you want your certificate to be signed, you will need redhathowto.csr. othwerwise, you dont need since it is self-signed certificate)

6. Go to “/etc/pki/tls/certs” where certificates are saved, and copy “redhathowto.crt” to this directory.

[root@apachessl ~]# cd /etc/pki/tls/certs/
[root@apachessl certs]# cp /root/redhathowto.crt .
[root@apachessl certs]# chmod 600 redhathowto.crt

7. Go to “/etc/pki/tls/private/” where private keys are saved, and copy “redhathowto.key” to this directory

[root@apachessl private]# cp /root/redhathowto.key .
[root@apachessl private]# chmod 600 redhathowto.key

8. Everything is in place now. we need to make some changes in “ssl.conf” for new certificate and private key.

[root@apachessl private]# cd /etc/httpd/conf.d/

[root@apachessl private]# vi ssl.conf

Find following lines in ssl.conf and change file names. by default, they are localhost.crt and localhost.key,respectively.

SSLCertificateFile /etc/pki/tls/certs/apachessl.crt

SSLCertificateKeyFile /etc/pki/tls/private/apachessl.key

9. Restart httpd service to enable new certificates. But it will ask you to enter passphrase everytime httpd service is started.

[root@apachessl conf.d]# service httpd restart
Stopping httpd: [FAILED]
Starting httpd: httpd: Could not reliably determine the server’s fully qualified domain name, using 192.168.1.10 for ServerName
Apache/2.2.15 mod_ssl/2.2.15 (Pass Phrase Dialog)
Some of your private key files are encrypted for security reasons.
In order to read them you have to provide the pass phrases.

Server 192.168.1.10:443 (RSA)
Enter pass phrase:redhathowto.com

OK: Pass Phrase Dialog successful.
[ OK ]

10 we will remove passphrase from redhathowto.key and restart httpd service. it will not ask to enter passphrase

[root@apachessl conf.d]# cd /etc/pki/tls/private/
[root@apachessl private]# openssl rsa -in redhathowto.key -out redhathowto.key
Enter pass phrase for redhathowto.key:redhathowto.com
writing RSA key

[root@apachessl private]# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: httpd: Could not reliably determine the server’s fully qualified domain name, using 192.168.1.10 for ServerName
[ OK ]

11. Let see what the certificate looks like

SSL Certificate SSL Certificate

 March 16th, 2013  
 mehmet.alatas  
 RedHat 6.0, RedHat 6.2  
 , , , , , , , , , ,   
 3 Comments