CentOS 6.x on VMware Player: Part 4

Note these documents are subject to update, this one was last edited 04/26/2014

Part 4: Configuring MySQL

  • First we will make some basic configuration changes to MySQL. Later we will get into much more database configuration and tuning.
  • # cp -a /etc/my.cnf /etc/my.cnf.orig
  • # vi /etc/my.cnf
  • After the line user=mysql insert default-storage-engine=InnoDB
  • Save and exit.
  • # chkconfig –level 2345 mysqld on
  • # service mysqld start
  • # /usr/bin/mysql_secure_installation
  • Enter current password for root (enter for none): <enter>
  • Set root password? [Y/n] <enter> and set it
  • Remove anonymous users? [Y/n]  <enter>
  • Disallow root login remotely? [Y/n] n <enter>
  • Remove test database and access to it? [Y/n] <enter>
  • Reload privilege tables now? [Y/n] <enter>
  • # mysql -uroot -pyourpassword
  • mysql> use mysql
  • mysql> grant all on *.* to you@’192.168.1.4′ identified by ‘yourpassword’;
  • mysql> flush privileges;
  • mysql> exit
  • Now you will be able to install and use MySQL Workbench from your workstation or server.
  • # yum install -y flash-plugin.x86_64
  • Start Firefox and browse to http://www.mysql.com/products/workbench
  • Login or create an account if you need to.
  • Select Download Now.
  • Select Platform… Red Hat Enterprise Linux / Oracle Linux.
  • Download the 64-bit version.
  • Open with Package Installer (default) and Select OK.
  • Choose Install including for any additional packages it wants to install and authenticate.
  • When done installing fire it up and check Server Status.
  • # mysql-workbench

centos6.06

  • OK Configuring MySQL is done for now but I do expect to update this substantially over time so be sure and check back. There are also still important configurations and setting up Apache, etc. and later WordPress so please continue to Part 5.

If you have any questions or suggestions don’t hesitate to reach out to me!

Next: Part 5 – Configuring Apache

CentOS 6.x on VMware Player: Part 3

Note these documents are subject to update, this one was last edited 05/26/2014

Part 3: Start Configuring the OS

  • Logon and ignore any Updates Available notices when/if they come up.
  • Right click above your desktop and Select Open in Terminal.
  • Notice your shell is using the non-super user prompt $. Type: su – (yes the “-” is important) and your root password. Notice your shell is now using the super user prompt #.
  • Next with tcpwrappers we will throw a quick wrench at all the network scanners and hackers trying to find open ports on your system.
  • Type # vi /etc/hosts.allow – Note: If you do not know how to use vi (a whole subject on its own) use the gedit text editor, just substitute gedit for vi and be sure to start it from the super user prompt #.
  • Type i to enter insert mode and insert the following at the end of the file tailored to your IP numbers:

  • Then :wq to save the file and quit vi.
  • Then # vi /etc/logrotate.d/local.log
  • Type i to enter insert mode and insert the following in the file:

  • Then :wq to save the file and quit vi.
  • Type # vi /etc/sysconfig/selinux
  • Edit SELINUX=enforcing to SELINUX=permissive. We will be changing this back later when we get Selinux configured and for now we want the warning messages. Save and quit vi.
  • Type # setenforce 0 then # getenforce to confirm it is permissive.
  • Stay out of the GUI firewall app and use this to configure your firewall for now on:
  • # cat >> /usr/local/bin/set_iptables

  • Edit the IP addresses to whatever remote systems you would like to able to use ssh, ftp and MySQL Workbench from to this server and then ctrl-d on a blank line to end and save file.
  • # touch /usr/local/bin/set_iptables.ip_block
  • Add whatever IP addresses you want blocked to that file. I wouldn’t necessarily recommend it… there are more elegant solutions for digital annoyance but you could put the entire Eastern Bloc IP ranges in that file or any set of countries (http://www.ipdeny.com/ipblocks) or just a select set of digital abusers would probably be more appropriate.
  • # chmod 700 /usr/local/bin/set_iptables*
  • # set_iptables
  • Seriously test that you can ssh into the server before you uncomment ‘service iptables save’ and ‘service iptables restart’. If successful go ahead uncomment them and execute set_iptables again. If you make a mistake to flush out your changes from a console su – login type: # iptables -F
  • Also for IPv6 type # vi /etc/sysconfig/ip6tables
  • If they exist delete the lines with port 21 and port 22 then save the file.
  • # service ip6tables restart
  • System > Preferences > Screensaver and uncheck Lock screen and Activate screensaver. Change idle to 1 hour and Select Close.
  • Now we will apply updates. Type # yum check-update
  • Now type # yum -y update
  • You have a new kernel now so System > Shutdown… > Restart.
  • Ok we now have what I’ll call basic security with more to do. Logon.
  • System > Administration > Date & Time > Time Zone tab Select your time zone and uncheck System clock uses UTC. Select OK.
  • System > Administration > Users and Groups > Click on your user, Select Properties and from the Groups tab add yourself to the Wheel group and Select OK then Close window.
  • If you wished to make text mode default: # vi /etc/inittab – change the line id:5:initdefault: to id:3:initdefault then :wq to save the file and quit vi. Temporarily you can bring Gnome up and down with # init 3 and # init 5 commands.
  • Now let’s remove some packages and add some we are missing.
  • # vi /etc/yum.conf
  • Insert at end: group_package_types=mandatory,default,optional
  • Save and quit vi, then to see what package groups you have installed and are available: # yum grouplist
  • If you wanted more detail on a group # yum groupinfo “Groupname One” “Groupname Two”
  • To remove group(s) # yum -y groupremove “Groupname One” “Groupname Two”
  • # yum grouplist | grep -i mysql
  • # yum -y groupinstall “MySQL Database client” “MySQL Database server”
  • # yum -y groupinstall “Development tools” “PHP Support” “FTP server” “Console internet tools”
  • # yum -y install php-mbstring
  • # yum info nmap – this is optional but it confirms the packages are there, versions, etc…
  • # yum -y install nmap
  • # mkdir /etc/banners
  • # cat >> /etc/banners/issue.msg

  • ctrl-d on a blank line to end and save file.
  • Configure vsftpd (ftp server).
  • # vi /etc/vsftpd/vsftpd.conf
  • Comment out # anonymous_enable=YES
  • anonymous_enable=NO <- add this because it defaults to YES
  • banner_file=/etc/banners/issue.msg
  • Save & quit vi.
  • # chkconfig –level 2345 vsftpd on
  • # service vsftpd start
  • OK let’s do some configuration for ssh.
  • # cd /root
  • # cat >> .shosts

  • ctrl-d on a blank line to end and save file.
  • # chmod 600 .shosts
  • # vi /etc/ssh/sshd_config and insert following at end of file:

  • # service sshd restart
  • On your desktop right click over the CentOS DVD icon and Select Eject.
  • Top left of VMware window: Player > Manage > Install VMware Tools.
  • Your desktop should look similar to this:

centos6.05

  • Click on the VMwareTools-x.x.x-xxxxxx.tar.gz icon and drag it to your Home Directory Icon on the desktop
  • In a su – terminal session: # cd /home/yourhomedir/
  • # ls – notice VMwareTools-x.x.x-xxxxxx.tar.gz
  • # mv V* /usr/local/; cd /usr/local/
  • # gunzip *.gz
  • # tar xvf *.tar
  • # cd v*
  • Note upper-lower case on the Vs are important. Its a new system, so I know there are no other conflicting files, but if you ever do this at a later point there may be conflicting directories and files, so check the file/directory names with an ls if you need to.
  • To execute vmware-install.pl # ./v*
  • Hit <enter> at the next ~14 defaults, there will be a certain amount of delays and screen messages here and there.
  • # cd .. ; chmod 600 v*; mv V* v*
  • # /usr/bin/vmware-toolbox-cmd help
  • # reboot
  • Now you will be able to enter full screen mode and then Unity mode for multiple monitors if you choose.
  • OK Configuring the OS Part 3 is done. There are still important configurations and setting up MySQL and Apache etc., so please continue to Part 4.

If you have any questions or suggestions don’t hesitate to reach out to me!

Next: Part 4 – Configuring MySQL

CentOS 6.x on VMware Player: Part 2

Note these documents are subject to update, this one was last edited 04/26/2014

Part 2: Installing the OS

  • Important to note that the majority of this series applies to any CentOS installation, not just VMware installations.
  • Highlight the VM you made in Part 1 and Select Play virtual machine.
  • Select Install or upgrade an existing system.
  • Select OK or Skip the media test. On physical DVDs I do the test. On ISO DVDs I do not. Honestly I have never found an error yet, but it can not hurt.
  • CentOS 6: Select Next.
  • What language: Select English, Next.
  • Appropriate keyboard: Select U.S. English, Next.
  • What type of devices will your installation involve? Select Basic Storage Devices radio button, Next.
  • Storage Device Warning: Select Yes, discard any data.
  • Type in your hostname: example – woohoo.shadowshift.com
  • Select Configure Network.
  • Highlight System eth0, Select Edit…

centos6.01

  • On the Wired tab check-mark Connect automatically and Available to all users.
  • On the IPv4 Settings tab Select Method: Manual.
  • Addresses: Select Add and type in your IP Address, Netmask and Gateway.
  • Add your DNS servers, in this case Google: 8.8.8.8, 8.8.4.4
  • Select Apply, Select Close, Select Next.
  • Type in your root password twice, Select Next.
  • What type of installation would you like? Select Replace Existing Linux System(s) and check-mark Review and modify partitioning layout. Select Next.
  • Personally I could be satisfied with the default, but I’m going highlight and Edit lv_swap = 4096MB, lv_root = 61440MB and lv_home = 30720MB.
  • To use the free space balance I’m going to Select Create, Select Create LVM, LVM Logical Volume (vg_woohoo), Select Create.

centos6.02

centos6.03

  • Make Mount Point: /www  and Logical Volume Name: lv_www and Select OK, Select Next.
  • Format Warnings: Select Format, Select Write changes to disk.
  • When its done formatting if you want a boot loader password Select Change password, otherwise Select Next.
  • In the next screen I would leave Desktop and Customize later selected and Select Next.
  • Now the operating system and packages, etc. will be installed and it takes around 10 minutes to an hour plus…
  • BTW while its doing this you may want to call your ISP and see if they block port 25 for SMTP. My ISP AT&T does block it and Sendmail will need this port open or you will not be able to run a mail server.
  • If all went well, you should now see a Congratulations screen, Select Reboot.
  • Welcome: Select Forward.
  • License Information: Yes, I agree to the License Agreement, Select Forward.
  • Create User: You know the routine, Select Forward.
  • Date and Time: Check-mark Synchronize date and time over the network, Select Forward.
  • There will be insufficient memory to enable kdump, Select OK, Select Finish.
  • Logon as user created above and Part 2 is done. Congratulations!
  • There is much more to do – for starters you may want to confirm the network is working and start Firefox to check if you can reach a website.

centos6.04

If you have any questions or suggestions don’t hesitate to reach out to me!

Next: Part 3 – Start Configuring the OS

CentOS 6.x on VMware Player: Part 1

Note these documents are subject to update, this one was last edited 04/27/2014

vmware-player.01

In today’s data center virtualization is a must for the efficient use of server resources, manageability and advanced functions like high availability. In addition to a standard web server install, there are optional portions throughout this how to for virtualized hosts.

It’s a great working solution if you have even a spare windows system with as little as 2GB RAM. However 4GB is a little more comfortable starter amount of RAM to multi-OS with very little if any performance degradation. I would definitely recommend 8GB+ if your system or pocketbook allows it.

For me this makes a phenomenal backup and development server solution. You will see these VMs are easy to install, use very little disk space and are easy to switch in and out of production. I have CentOS, Fedora and Red Hat Linux VMs and most Linux distributions will run as well as Windows Server in VMs.

ESXi and VMware player are readily available for free at www.vmware.com. Installing VMware player is super simple, I won’t go into that. I would advise you to make a directory to store the VMs in; I use /vm, and within that I store each VM in a directory like /vm/linux01. VMware Player will work with Linux or Windows. VMware ESXi or any other Linux hypervisor such as KVM or Xen should be on bare metal.

Installing CentOS 6.x on VMware Player 6.01

The prerequisites to fully enact this whole series of installs are:

  • At least 1 dedicated static IP for the server – I would not recommend a static IP for your workstation but the CentOS VM itself must have a static IP.
  • At least 1 dedicated domain name like domain.com or hostname.domain.com
  • You will also need a wildcard DNS entry to create sites on demand without individually configuring DNS if you want to run WordPress Multisite https://codex.wordpress.org/Configuring_Wildcard_Subdomains
  • Your router must have inbound firewall exceptions for at least port 80 for web and possibly port 22 for ssh and port 21 for ftp if you want remote access to these.
  • You may also want an inbound firewall exception for port 25 for a mail server but even if you don’t, you definitely want your ISP to unblock outbound port 25 (many do to stop spammers) so your site can send emails for registration and other administrative notices.
  • We are going to enact many server based security measures but think seriously about your perimeter firewall. If you do not need an opening, then close it – multiple layers of security is a very good thing.

Part 1: Create a Virtual Machine

  • Start VMware Player, Select Create a New Virtual Machine.
  • Select radio button I will install the operating system later, then Next.
  • Select Guest operating system Linux and Version CentOS 64-bit, then Next.
  • Name your Virtual Machine. Browse to the location you would like your VMs to be stored in, make a folder in inside of it to be used only for this particular VM, then select OK. Example c:\vm\centos.01, select Next.
  • Crank up the disk size, I select 160GB; it’s not allocated until it’s used, so feel generous here. Select Split virtual disk into multiple files, select Next.
  • Select the Customize Hardware Button.
  • Adjust memory; 1024MB minimum is recommended for a web server in this configuration.
  • Set CD/DVD to Use ISO image file and browse to your CentOS ISO image.
  • Select the network adapter, then Device status select Connect at power on, Network connection change to Bridged and Replicate. Select Next.
  • Check your settings and then select Finish.

If you have any questions or suggestions don’t hesitate to reach out to me!

Next: Part 2 – Installing the OS