Posts Tagged Under: RHCE

NFS – Set up private group folders

Let’s say you want to setup group folder that’s available via nfs. However this time only a particulat Linux group is allowed to have read+write access to this folder. You can do this by ensuring the exported folder is owned by a group, and then setup the SGID. You can follow along this article using this vagrant project on Github.

We will walk through the following example:

+--------------------------+              +--------------------------+
|                          |              |      															

RHCE – Make websites more secure by setting up HTTPS and SSL/TLS for CentOS 7

So far we have configured web servers to allow connections via the http protocol. However http is not secure which is why it’s better to use https.

When using https, we actually encrypt all data traffic using Symmetric and Asymmetric Encryption.

To setup the above encryption system on our Apache server, we need to first to install the ssl addon module that will allow Apache to be able to communicate on the SSL/TLS layer:

$ yum install mod_ssl

Next we need to install the software that is used for generating public-private key-pairs, so that we can create a key-pair for our web server.

$ yum install openssl

Next we create the private key and it’s csr file. We generate the private key by running the following:

$ openssl genpkey -algorithm RSA -out -pkeyopt rsa_keygen_bits:2048


System monitoring and reporting using sysstat and dstat on CentOS/RHEL 7

It’s often useful to measure and view various system utilisation metrics, such as for:

  • cpu
  • memory
  • disk
  • network

There are a lot of tools that can measure and collect these metrics, including:

  • dstat – suited for creating realtime reports
  • sysstat – suited for creating historical reports

dstat in action

Dstat shows realtime system utilisation data. First you need to install it:

$ yum install dstat

running dstat on it’s own gives a steady stream of output until you exit out:

[root@target man]# dstat
You did not select any stats, using -cdngy by default.
----total-cpu-usage---- -dsk/total- -net/total- ---paging-- ---system--
usr sys idl wai hiq siq| read  writ| recv  send|  in   out | int   csw
  0   0 100   0   0   0|  23k   53k|   0  															

Real world examples of using firewalld on CentOS/RHEL 7

Previously we gave a brief introduction to firewalld, but we are now going to walk through a few firewalld setups that’s often seen in the real world.

I have created a vagrant project that you can use to follow along in this tutorial. We will use the following demo setup throughout this article:

|                webserver.local                    |
|          +------------------------+               |
|          |  Apache (httpd daemon) |															

RHCE – About this course

This course covers everything you need to know in order to pass the RedHat Certified Engineer (RHCE) exam. This course assumes you already are well versed with all the topics that are covered in RHCSA course.