RHCSA: Manage users and groups

  • Create, delete, and modify local user accounts
    useradd
    usermod
    userdel
  • Change passwords and adjust password aging for local user accounts
    passwd
    chage
    /etc/login.defs
  • Create, delete, and modify local groups and group memberships
    groupadd
    groupmod
    groupdel
  • Configure a system to use an existing authentication service for user and group information
    yum install sssd auth*
    system-config-authentication / authconfig-tui
    LDAP
    Base DN dc=example,dc=com
    LDAP server ldap://classroom.example.com
    Use TLS
    Download cert
    Method – LDAP password
Advertisements

RHCSA: Deploy, configure, and maintain systems

  • Configure networking and hostname resolution statically or dynamically
    nmcli, nmtui
    /etc/resolv.conf
    /etc/hosts
    hostnamectl
  • Schedule tasks using at and cron
    at 15:00 <<%
    echo test
    %
    crontab –e –u gertrude
    15,45 09-17 * * 6 echo test
  • Start and stop services and configure services to start automatically at boot
    systemctl start/stop sshd.service
    systemctl enable sshd.service
  • Configure systems to boot into a specific target automatically
    systemctl set-default graphical.target
    systemctl set-default multi-user.target
  • Install Red Hat Enterprise Linux automatically using Kickstart
    system-config-kickstart
  • Configure a physical machine to host virtual guests
    yum install qemu-kvm qemu-img libvirt virt-manager
  • Install Red Hat Enterprise Linux systems as virtual guests
    virt-install / virtmanager
  • Configure systems to launch virtual machines at boot
    virsh autostart ‘name’
  • Configure network services to start automatically at boot
    systemctl enable network
  • Configure a system to use time services
    yum install chrony
    /etc/ntp.conf
  • Install and update software packages from Red Hat Network, a remote repository, or from the local file system
    yum install package
    yum upgrade package
    rpm –Uvh / –ivh package
    yum-config-manager –add-repo http://content.example.com/rhel7.0/x86_64/dvd
  • Update the kernel package appropriately to ensure a bootable system
    yum upgrade kernel
    rpm -ivh kernel-<kernel version>.<arch>.rpm
  • Modify the system bootloader
    grubby –info=/boot/<kernel>
    grubby –remove-args=”arg1 arg2” –args=”argx argy” –update-kernel=/boot/<kernel>
    grubby –update-kernel=ALL

RHCSA: Create and configure file systems

  • Create, mount, unmount, and use vfat, ext4, and xfs file systems
    mkfs.xfs, mkfs.ext4, mkfs.vfat
    mount, umount
    /etc/fstab
  • Mount and unmount CIFS and NFS network file systems
    mount –t cifs server:/vol/share /mnt/share -o user=userid,pass=pword,dom=AD
    mount –t nfs server:/vol/share /mnt/share
  • Extend existing logical volumes
    vgextend
    lvextend
    xfs_growfs
    resize2fs
    ssm resize
  • Create and configure set-GID directories for collaboration
    setgid dirs make created files/dirs have the setgid group id
    chgrp mygroup ./directory
    chmod 2755 ./directory
  • Create and manage Access Control Lists (ACLs)
    getfacl
    setfacl
  • Diagnose and correct file permission problems
    chmod, chown, getfacl, setfacl

RHCSA: Configure local storage

  • List, create, delete partitions on MBR and GPT disks
    fdisk gdisk parted
    blkid lsblk
  • Create and remove physical volumes, assign physical volumes to volume groups, and create and delete logical volumes
    using a new disk/partition with LVM: pvcreate /dev/device
    creating a new volume group: vgcreate VG00 /dev/device
    adding a PV to an existing volume group: vgextend VG00 /dev/device
    creating a logical volume: lvcreate -L 100G -n lvhome VG00
  • Configure systems to mount file systems at boot by Universally Unique ID (UUID) or label
    blkid to get the UUID/label, then add to /etc/fstab
    can set label on ext filesystems with tune2fs or e2label
  • Add new partitions and logical volumes, and swap to a system non-destructively
    as per above commands!
    need to set the fstype correctly with fdisk/gdisk/parted
    mkswap, swapon

RHCSA: Operate running systems

  • Boot, reboot, and shut down a system normally
    reboot, poweroff, shutdown, wall
    systemctl reboot/poweroff/suspend/hibernate/hybrid-sleep/halt
    The systemctl commands are preferred.
  • Boot systems into different targets manually
    systemctl get-default, systemctl set-default multi-user.target
    systemctl rescue, systemctl emergency, systemctl isolate multi-user.target
    systemctl set-default graphical.target
  • Interrupt the boot process in order to gain access to a system
    Esc in grub, e to edit, find linux16 line, CTRL-E to get to end of line and
    Boot to rescue mode:
    append system.unit=rescue.targetBoot to change root passwd:
    remove rhgb and quiet (if there)
    append rd.break enforcing=0 to break after ramdisk, and turn off SElinux
    mount –o remount,rw /sysroot
    chroot /sysroot
    passwd… etc
    exit
    mount –o remount,ro /sysroot
    exit (continues boot process)
    restorecon /etc/shadow
    setenforce enforcing
  • Identify CPU/memory intensive processes, adjust process priority with renice, and kill processes
    top, nice –n <nnn>, renice +5, kill, kill -9
    you can only lower the priority of your processes, unless you are root which can raise them too
  • Locate and interpret system log files and journals
    /var/log/*
    journalctl
  • Access a virtual machine’s console
    virt-manager
  • Start and stop virtual machines
    virt-manager
    virsh start myVM
    virtsh shutdown myVM
    virsh reboot myVM
  • Start, stop, and check the status of network services
    systemctl start/stop/status network.service

Securely transfer files between systems
scp file user@system2:/path/newfile

RHCSA: Manage security

  • Configure firewall settings using firewall-config, firewall-cmd, or iptables
    firewall-config (graphical tool)
    firewall-cmd
    iptables
  • Configure key-based authentication for SSH
    ssh-keygen –t rsa
    ~/.ssh/authorized_keys
  • Set enforcing and permissive modes for SELinux
    boot parameter “enforcing=0|1”
    Edit /etc/sysconfig/selinux applied at reboot
    setenforce Enforcing|Permissive|1|0
  • List and identify SELinux file and process context
    /etc/selinux/targeted/contexts/
  • Restore default file contexts
    restorecon /file
  • Use boolean settings to modify system SELinux settings
    /etc/selinux/targeted/modules/active/Booleans
    getsebool
    setsebool
    sestatus –b | grep ‘httpd’
  • Diagnose and address routine SELinux policy violations
    view SELinux violations: sealert
    fix basic problems: restorecon, or with the instructions shown

VCP6-DCV Beta Exam available

My colleague @MrCNeale pointed out to me that the VCP6-DCV Beta Exams are now available (see here)

There are 2 options for those who are already VCP5-DCV

  1. Take the VCP6-DCV Beta Exam
  2. Take the VCP6-DCV Delta Beta Exam

Obviously, the delta exam is shorter (but not by much)

The usual blueprint doesn’t appear to be available as a PDF, just an expandable web page list, so I’ve copied it all into a file available here. The objectives which are required for the Full exam but not the Delta, are highlighted in italics. Unfortunately, CutePDF doesn’t properly convert URL links :/ So here is the full list of files you need with it:

Administering VMware Virtual SAN
Best Practices for Running VMware vSphere® on iSCSI
Command-Line Installation and Upgrade of VMware vCenter Server 6.0 for Windows
Command-Line Installation and Upgrade of VMware vCenter Server Appliance 6.0
Leveraging NIC Technology to Improve Network Performance in VMware vSphere
Multipathing Configuration for Software iSCSI Using Port Binding
Performance Evaluation of Network I/O Control in VMware vSphere 6
Security of the VMware vSphere® Hypervisor
vCenter Operations Manager Getting Started Guide (vSphere UI)
Virtual SAN 6.0 Performance: Scalability and Best Practices
VMware Hardened Virtual Appliance Operations Guide added to Tech Resource Directory
VMware vCenter Converter Standalone Guide
VMware vCenter Server™ 6.0 Deployment Guide
VMware vCloud Air – Disaster Recovery User’s Guide
VMware vSphere Replication Administration
VMware vSphere® Data Protection™ 6.0
VMware vSphere® Data Protection™ Evaluation Guide
VMware vSphere® Storage APIs – Array Integration (VAAI)
vSphere Administration with the vSphere Client Guide
vSphere App HA Installation and Configuration Guide
vSphere App HA User’s Guide
vSphere Availability Guide
vSphere Data Protection Administration Guide
vSphere Host Profiles Guide
vSphere Installation and Setup Guide
vSphere Monitoring and Performance Guide
vSphere Networking Guide
vSphere Resource Management Guide
vSphere Security Guide
vSphere Server and Host Management Guide
vSphere Storage Guide
vSphere Troubleshooting Guide
vSphere Upgrade Guide
vSphere Virtual Machine Administration Guide
What’s New in the VMware vSphere® 6.0 Platform
What’s New in VMware vSphere® Flash Read Cache®
What’s New: VMware Virtual SAN 6.0