Skip to main content

Posts

Showing posts from July, 2021

KVM - Headless Server setup with Bonding, Bridging and LVM on AlmaLinux 8

There's an older version covering EL7 Since stable releases have been available for Rocky and Alma for quite some time, I've decided to write quick step-by-step guide to get a kvm-hypervisor set up on EL8. I'll start with a minimal install of AlmaLinux 8 with the latest updates applied. First, install the required packages to make the host a hypervisor: [archy@hyv01 ~]$ sudo dnf -d 2 -y --refresh module enable virt [archy@hyv01 ~]$ sudo dnf -d 2 -y --refresh install qemu-kvm libvirt libguestfs-tools virt-install tuned swtpm cockpit cockpit-machines [archy@hyv01 ~]$ sudo systemctl enable --now libvirtd.service tuned.service [archy@hyv01 ~]$ sudo tuned-adm profile virtual-host NOTE: Tuned is optional but might give you just a little bit more optimization for your workload. Next up, network configuration. I'll create a bond with 4 NICs which can then be used for vlans and bridges. [archy@hyv01 ~]$ sudo nmcli connection add type bond con-name bond0 ifname bond0 mod

Foreman - Set up remote execution

Since the Katello-Agent has been deprecated. remote-execution is the recommended successor. The setup is fairly simple since a few arguments passed to the foreman-installer will set everything up automatically. First I'm going to create a new ssh-key pair: [archy@foreman ~]$ sudo su foreman-proxy -s /usr/bin/sh -c 'ssh-keygen -a 128 -t ecdsa -b 521 -C "foreman-proxy $(date +%F)" -f /var/lib/foreman-proxy/ssh/id_ecdsa_foreman_proxy -N "" -Z "chacha20-poly1305@openssh.com"' Next, let's enable the remote-execution plugin and the remote-execution-ssh plugin. Also I will configure the directory where the ssh-key is stored ('/var/lib/foreman-proxy/ssh') as well as the key-name ('id_ecdsa'). [archy@foreman ~]$ sudo foreman-installer --scenario katello \ --enable-foreman-plugin-remote-execution \ --enable-foreman-proxy-plugin-remote-execution-ssh \ --foreman-proxy-plugin-remote-execution-script-generate-keys \ --fore