Tuesday, April 28, 2015

Libvirtd Error after Package Update

We were getting following error after package for libvirtd got updated to 1.2.8


Apr 28 12:18:04 compute1 libvirtd[12294]: failed to load module /usr/lib64/libvirt/connection-driver/libvirt_driver_storage.so /usr/lib64/libvirt/connection-driver/libvirt_driver_storage.so: symbol dm_task_get_info_with_deferred_remove, version Base not defined in file libdevmapper.so.1.02 with link time reference
Apr 28 12:18:04 compute1 libvirtd[12294]: failed to load module /usr/lib64/libvirt/connection-driver/libvirt_driver_qemu.so /usr/lib64/libvirt/connection-driver/libvirt_driver_qemu.so: undefined symbol: virStorageFileCreate
Apr 28 12:18:04 compute1 libvirtd[12294]: Module /usr/lib64/libvirt/connection-driver/libvirt_driver_lxc.so not accessible
Apr 28 12:18:04 compute1 systemd[1]: Started Virtualization daemon.
Apr 28 12:19:01 compute1 libvirtd[12294]: no connection driver available for qemu:///system
Apr 28 12:19:01 compute1 libvirtd[12294]: End of file while reading data: Input/output error
Apr 28 12:23:42 compute1 libvirtd[12294]: no connection driver available for qemu:///system
Apr 28 12:23:42 compute1 libvirtd[12294]: End of file while reading data: Input/output error
Apr 28 12:23:42 compute1 libvirtd[12294]: no connection driver available for qemu:///system
Apr 28 12:23:42 compute1 libvirtd[12294]: End of file while reading data: Input/output error


Solution for this was to update the device-mapper diver and restart the services.

yum update device-mapper

Similar issue : https://bugzilla.redhat.com/show_bug.cgi?id=1164773

Friday, April 24, 2015

Updating CA certificates in Fedora/Centos/RHEL

On Fedora since 19, RHEL / CentOS 7, and RHEL / CentOS 6  the correct method is to place the certificate to be trusted (in PEM format) in /etc/pki/ca-trust/source/anchors/ and run sudo update-ca-trust.
 (If the certificate is in OpenSSL’s extended BEGIN TRUSTED CERTIFICATE format, place it in /etc/pki/ca-trust/source). On RHEL 6, you have to activate the system with update-ca-trust enable after installing the update.

Thursday, April 23, 2015

Mysql Engine Swap MyISam to InnoDB and InnoDB to MyISam



To convert all tables in a database from InnoDB to MyISAM, run the MySQL following command, replacing db_name with the database name in question:


mysql -e "SELECT concat('ALTER TABLE ', TABLE_NAME,' ENGINE=MYISAM;') FROM Information_schema.TABLES WHERE TABLE_SCHEMA = 'db_name' AND ENGINE = 'InnoDB' AND TABLE_TYPE = 'BASE TABLE'"

Then, after stopping MySQL, you want to get the ibdata* and ib_logfiles out of the way:

Code:
/etc/init.d/mysql stop
mkdir -p /root/innodb.bak
mv ib* /root/innodb.bak/
/etc/init.d/mysql start

Now you've got MySQL started up with the tables using MyISAM, and it's time to get them converted back to InnoDB, fingers crossed (again replace db_name with your database name):

mysql -e "SELECT concat('ALTER TABLE ', TABLE_NAME,' ENGINE=InnoDB;') FROM Information_schema.TABLES WHERE TABLE_SCHEMA = 'db_name' AND ENGINE = 'MyISAM'"

Tuesday, April 21, 2015

Enabling Instance resizing In Openstack Juno


Editing Configuration
#Run on ALL Compute Server and Contoller Server

sed -i "s/#allow_resize_to_same_host.*/allow_resize_to_same_host=true/g" /etc/nova/nova.conf
sed -i "s/#allow_migrate_to_same_host.*/allow_migrate_to_same_host=true/g" /etc/nova/nova.conf

Configure the nova user
usermod -s /bin/bash nova

And enable password less authentication between Nova user’s in all server’s.

To Create Public and Private key for the user
ssh-keygen

To Copy the Public key to other users
ssh-copy-id <To all Server’s>

Add the Following Configruation file under Nova User in Every Server which has a Nova User
su - nova
cat << EOF > ~/.ssh/config
Host *
    StrictHostKeyChecking no
    UserKnownHostsFile=/dev/null
EOF

Monday, April 13, 2015

Creating Custom Windows Image for Openstack

Creating Custom Windows Images.

Setting up the KVM environment to create the custom images.

Installing Packages # We can do it on Compute 2

yum install kvm qemu-kvm python-virtinst libvirt libvirt-python virt-manager libguestfs-tools

Once the packages are installed we need to get the ISO’s.

Now we need the Virtio Driver’s so that windows can detect unsigned devices like linux from http://alt.fedoraproject.org/pub/alt/virtio-win/latest/

wget http://alt.fedoraproject.org/pub/alt/virtio-win/latest/virtio-win-0.1-81.iso

First Create the Disk on which the OS need to be installed

qemu-img create -f qcow2 -o preallocation=metadata windows.qcow2 20G

Start the KVM installation

qemu-system-x86_64 -enable-kvm -m 4096 -cdrom en_windows_7_professional_with_sp1_x64_dvd_u_676939.iso -drive file=windows.qcow2,if=virtio -drive file=virtio-win-0.1-100.iso,index=3,media=cdrom  -boot d -vga std -k en-us -vnc 10.1.52.42:1 -usbdevice tablet

Connect to Installation
Once the above step is done you will be able to connect to VNC using 10.1.52.42:1

You will be connected to VNC and you will be at the installations screen. Click Next to continue


Select Install option to continue with installation.


Selecting the Hard disk Driver

While setting the Installation driver we need to load the driver, Select the load driver option and load the driver from the Virto ISO we have mounted


Continue with the installation

  
Once you are done with the installation .The instance will be having Internet connection as you are using default NIC setting so download the Cloud init for windows from
https://github.com/cloudbase/cloudbase-init

To allow Cloudbase-Init to run scripts during an instance boot, set the PowerShell execution policy to be unrestricted:

C:\powershell
C:\Set-ExecutionPolicy Unrestricted
Download and install Cloudbase-Init:
C:\Invoke-WebRequest -UseBasicParsing http://www.cloudbase.it/downloads/CloudbaseInitSetup_Beta_x64.msi -OutFile cloudbaseinit.msi
Shutdown the instance.

Final Configuration

Once installation is completed load the computer with virto NIC with following Command

qemu-system-x86_64 -enable-kvm -m 4096 -drive file=windows.qcow2,if=virtio -drive file=virtio-win-0.1-100.iso,index=3,media=cdrom  -boot d -vga std -k en-us -vnc 10.1.52.42:1 -usbdevice tablet -net nic,model=virtio

Connect to VNC and add the Virto NIC Driver From Device manager

Enable RDP in the Server.


Installing Cloud init .

Complete the Cloud Init installation
Run the Cloud-init Service to start the installation and Configure it as below.

C:\.\cloudbaseinit.msi
In the configuration options window, change the following settings:
Username: Administrator
Network adapter to configure: Red Hat VirtIO Ethernet Adapter
Serial port for logging: COM1
When the installation is done, in the Complete the Cloudbase-Init Setup Wizard window, select the Run Sysprep and Shutdown check boxes and click Finish.


Now the Image is ready for Use.

You can get the windows password by

nova get-password <instance ID> <ssh-key>

Add the image through front end Images >> Create Images

Wednesday, April 1, 2015

Protect Grub2 with Password Centos7/rhel7


Protect Grub2 with Plain Password Method
1.)Login as a root user
su –

2.) Backup the existing grub.cfg so if anything goes wrong we can always restore it.
>>cp /boot/grub2/grub.cfg /boot/grub2/grub.cfg.orig

To specify a superuser, add the following lines in the /etc/grub.d/01_users file, where john is the name of the user designated as the superuser, and johnspassword is the superuser's password:

cat <<EOF
set superusers="john"
password john johnspassword
EOF

On BIOS-based machines, issue the following command as root:
>>grub2-mkconfig -o /boot/grub2/grub.cfg
On UEFI-based machines, issue the following command as root:
>> grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg

To Use Encrypted password
Create the encrypted password using
grub2-mkpasswd-pbkdf2
Enter Password:
Reenter Password:
PBKDF2 hash of your password is grub.pbkdf2.sha512.10000.19074739ED80F115963D984BDCB35AA671C24325755377C3E9B014D862DA6ACC77BC110EED41822800A87FD3700C037320E51E9326188D53247EC0722DDF15FC.C56EC0738911AD86CEA55546139FEBC366A393DF9785A8F44D3E51BF09DB980BAFEF85281CBBC56778D8B19DC94833EA8342F7D73E3A1AA30B205091F1015A85

Now we can change the entry in the file /etc/grub.d/01_users as follows

cat <<EOF
set superusers="john"
password_pbkdf2 john grub.pbkdf2.sha512.10000.19074739ED80F115963D984BDCB35AA671C24325755377C3E9B014D862DA6ACC77BC110EED41822800A87FD3700C037320E51E9326188D53247EC0722DDF15FC.C56EC0738911AD86CEA55546139FEBC366A393DF9785A8F44D3E51BF09DB980BAFEF85281CBBC56778D8B19DC94833EA8342F7D73E3A1AA30B205091F1015A85
EOF