How to Install MySQL on CentOS 7 / RHEL 7 / Oracle Linux 7

how to install mysql
In this quick guide, i will show you how to install MYSQL on CentOS 7 / RHEL 7 / Oracle Linux 7 instead of MariaDB.

MariaDB is the default implementation of MySQL in Red Hat Enterprise Linux 7 (RHEL 7) or CentOS 7.

MariaDB is a community-developed fork of the MySQL database project, and provides a replacement for MySQL.

However, in some cases, you still need to install MySQL as your deployment database on you linux server.

How to Install MySQL on CentOS 7 / RHEL 7 / Oracle Linux 7

1. Remove MariaDB installation :
If you server already have MariaDB database server installed, i would suggest you remove it first to avoid conflict.

# sudo yum remove mariadb-server -y

2. Download MySQL 5.7 repo file :

# wget https://dev.mysql.com/get/mysql57-community-release-el7-8.noarch.rpm

3. Install MySQL 5.7 repo file :

# sudo rpm -ivh mysql57-community-release-el7-8.noarch.rpm

4. Install MySQL 5.7 database server :

# sudo yum install mysql-server -y

5. How to Start MySQL server in linux :

# sudo systemctl start mysqld

6. Enable auto start at boot :

# sudo systemctl enable mysqld

7. At the initial start up of the MySQL database server, the following happens, given that the data directory of the server is empty:

a) The server is initialized.
b) An SSL certificate and key files are generated in the data directory.
c) The validate_password plugin is installed and enabled.
d) A superuser account ‘root’@’localhost is created. The initial root password created can be found in the error log file. You can get the password by issue the following command :

# sudo grep 'temporary password' /var/log/mysqld.log
2016-06-19T23:08:09.439963Z 1 [Note] A temporary password is generated for root@localhost: sj-mMM;o%6Ll

8. Harden MySQL Server

Run the mysql_secure_installation script to address several security concerns in a default MySQL installation.

You will be given the choice to change the MySQL root password, remove anonymous user accounts, disable root logins outside of localhost, and remove test databases. It is recommended that you answer yes to these options.

# sudo mysql_secure_installation

Securing the MySQL server deployment.

Enter password for user root:
The 'validate_password' plugin is installed on the server.
The subsequent steps will run with the existing configuration
of the plugin.
Using existing password for root.

Estimated strength of the password: 50
Change the password for root ? ((Press y|Y for Yes, any other key for No) : yes

New password:

Re-enter new password:

Estimated strength of the password: 50
Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : y
By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.

Remove anonymous users? (Press y|Y for Yes, any other key for No) : y
Success.


Normally, root should only be allowed to connect from
'localhost'. This ensures that someone cannot guess at
the root password from the network.

Disallow root login remotely? (Press y|Y for Yes, any other key for No) : no

 ... skipping.
By default, MySQL comes with a database named 'test' that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production
environment.


Remove test database and access to it? (Press y|Y for Yes, any other key for No) : y
 - Dropping test database...
Success.

 - Removing privileges on test database...
Success.

Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.

Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y
Success.

All done!

Resource : http://dev.mysql.com/

How to Install and Setup 389 Directory Server on CentOS 7

Setup 389 Directory Server389 Directory Server (previously Fedora Directory Server) is an open source enterprise class LDAP server for Linux. It is developed by Red Hat community-supported Fedora Project. The name 389 is derived from the port number for LDAP.

In this article we will guide you through the steps on how to install and setup 389 directory server on CentOS 7.

Steps to Install and Setup 389 Directory Server on CentOS 7

1. Turn off selinux :

vi /etc/sysconfig/selinux

Change SELINUX to disabled then reboot the server :

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three two values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

2. Perform basic performance and Security tuning for LDAP server :

# vi /etc/sysctl.conf

Add the following :

net.ipv4.tcp_keepalive_time = 300
net.ipv4.ip_local_port_range = 1024 65000
fs.file-max = 64000
# vi /etc/security/limits.conf

Add the following :

* soft nofile 524288
* hard nofile 524288

3. Reboot the server. This is to take effect the SELINUX and performance tuning setting :

# reboot

4. Install 389 directory packages :

# yum install https://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-6.noarch.rpm
# yum install 389-* -y

5. Create ldap user and set its password :

# useradd ldap
# passwd ldap

6. Start 389 installation :

# setup-ds-admin.pl

==============================================================================
This program will set up the 389 Directory and Administration Servers.

It is recommended that you have "root" privilege to set up the software.
Tips for using this program:
  - Press "Enter" to choose the default and go to the next screen
  - Type "Control-B" then "Enter" to go back to the previous screen
  - Type "Control-C" to cancel the setup program

Would you like to continue with set up? [yes]:

==============================================================================
Your system has been scanned for potential problems, missing patches,
etc.  The following output is a report of the items found that need to
be addressed before running this software in a production
environment.

389 Directory Server system tuning analysis version 23-FEBRUARY-2012.

NOTICE : System is x86_64-unknown-linux3.10.0-327.4.5.el7.x86_64 (2 processors).

Would you like to continue? [yes]:

==============================================================================
Choose a setup type:

   1. Express
       Allows you to quickly set up the servers using the most
       common options and pre-defined defaults. Useful for quick
       evaluation of the products.

   2. Typical
       Allows you to specify common defaults and options.

   3. Custom
       Allows you to specify more advanced options. This is
       recommended for experienced server administrators only.

To accept the default shown in brackets, press the Enter key.

Choose a setup type [2]:

==============================================================================
Enter the fully qualified domain name of the computer
on which you're setting up server software. Using the form
.
Example: eros.example.com.

To accept the default shown in brackets, press the Enter key.

Warning: This step may take a few minutes if your DNS servers
can not be reached or if DNS is not configured correctly.  If
you would rather not wait, hit Ctrl-C and run this program again
with the following command line option to specify the hostname:

    General.FullMachineName=your.hostname.domain.name

Computer name [centos72.ehowstuff.local]:

==============================================================================
The servers must run as a specific user in a specific group.
It is strongly recommended that this user should have no privileges
on the computer (i.e. a non-root user).  The setup procedure
will give this user/group some permissions in specific paths/files
to perform server-specific operations.

If you have not yet created a user and group for the servers,
create this user and group using your native operating
system utilities.

System User [nobody]: ldap
System Group [nobody]: ldap

==============================================================================
Server information is stored in the configuration directory server.
This information is used by the console and administration server to
configure and manage your servers.  If you have already set up a
configuration directory server, you should register any servers you
set up or create with the configuration server.  To do so, the
following information about the configuration server is required: the
fully qualified host name of the form
.(e.g. hostname.example.com), the port number
(default 389), the suffix, the DN and password of a user having
permission to write the configuration information, usually the
configuration directory administrator, and if you are using security
(TLS/SSL).  If you are using TLS/SSL, specify the TLS/SSL (LDAPS) port
number (default 636) instead of the regular LDAP port number, and
provide the CA certificate (in PEM/ASCII format).

If you do not yet have a configuration directory server, enter 'No' to
be prompted to set up one.

Do you want to register this software with an existing
configuration directory server? [no]:

==============================================================================
Please enter the administrator ID for the configuration directory
server.  This is the ID typically used to log in to the console.  You
will also be prompted for the password.

Configuration directory server
administrator ID [admin]:
Password:
Password (confirm):

==============================================================================
The information stored in the configuration directory server can be
separated into different Administration Domains.  If you are managing
multiple software releases at the same time, or managing information
about multiple domains, you may use the Administration Domain to keep
them separate.

If you are not using administrative domains, press Enter to select the
default.  Otherwise, enter some descriptive, unique name for the
administration domain, such as the name of the organization
responsible for managing the domain.

Administration Domain [ehowstuff.local]:

==============================================================================
The standard directory server network port number is 389.  However, if
you are not logged as the superuser, or port 389 is in use, the
default value will be a random unused port number greater than 1024.
If you want to use port 389, make sure that you are logged in as the
superuser, that port 389 is not in use.

Directory server network port [389]:

==============================================================================
Each instance of a directory server requires a unique identifier.
This identifier is used to name the various
instance specific files and directories in the file system,
as well as for other uses as a server instance identifier.

Directory server identifier [centos72]:

==============================================================================
The suffix is the root of your directory tree.  The suffix must be a valid DN.
It is recommended that you use the dc=domaincomponent suffix convention.
For example, if your domain is example.com,
you should use dc=example,dc=com for your suffix.
Setup will create this initial suffix for you,
but you may have more than one suffix.
Use the directory server utilities to create additional suffixes.

Suffix [dc=ehowstuff, dc=local]:

==============================================================================
Certain directory server operations require an administrative user.
This user is referred to as the Directory Manager and typically has a
bind Distinguished Name (DN) of cn=Directory Manager.
You will also be prompted for the password for this user.  The password must
be at least 8 characters long, and contain no spaces.
Press Control-B or type the word "back", then Enter to back up and start over.

Directory Manager DN [cn=Directory Manager]:
Password:
Password (confirm):

==============================================================================
The Administration Server is separate from any of your web or application
servers since it listens to a different port and access to it is
restricted.

Pick a port number between 1024 and 65535 to run your Administration
Server on. You should NOT use a port number which you plan to
run a web or application server on, rather, select a number which you
will remember and which will not be used for anything else.

Administration port [9830]:

==============================================================================
The interactive phase is complete.  The script will now set up your
servers.  Enter No or go Back if you want to change something.

Are you ready to set up your servers? [yes]:
Creating directory server . . .
Your new DS instance 'centos72' was successfully created.
Creating the configuration directory server . . .
Beginning Admin Server creation . . .
Creating Admin Server files and directories . . .

7. Start the dirsrv admin service and dirsrv instance :

# systemctl start dirsrv-admin
# systemctl start dirsrv@centos72

8. Configure dirsrv admin service and all dirsrv instance auto start at boot :

# systemctl enable dirsrv.target && systemctl enable dirsrv-admin

9. Allow management and directory service ports :

# firewall-cmd --permanent --add-port=389/tcp
# firewall-cmd --permanent --add-port=636/tcp
# firewall-cmd --permanent --add-port=9830/tcp
# firewall-cmd --reload

10. Verify all the allowed ports :

# firewall-cmd --list-all
public (default, active)
  interfaces: ens160
  sources:
  services: dhcpv6-client ssh
  ports: 389/tcp 9830/tcp 80/tcp 636/tcp
  masquerade: no
  forward-ports:
  icmp-blocks:
  rich rules:

11. Login to your 389 directory from console.

Setup 389 Directory Server

12. Your 389 directory administration console will look as below :

Setup 389 Directory Server

How to Migrate LVM or Volume Group to New Linux Server

Migrate LVMThis article will describe on how to move or migrate LVM and volume group from one server to another.

If you are working in a production environment then you have to know about the software disk management and all the methods to provide flexibility in storage management.

LVM stand for logical volume management. It is a tool to manage and provides a higher-level view of the disk storage.

Below tutorial will be very useful for system administrators who have problems on the linux operating system and want to mount the mounted partition to other systems.

This should be the most simple recovery strategy if we run Linux in VMware virtual machines.

Migrating LVM or Volume Group to new server should be the fastest way to access the important linux partition that may contains user’s data or important configuration files.

How to Migrate LVM or Volume Group to New Server

1. Add vdisk to new virtual machine.

a) Click “Add” to proceed :

Migrate LVM

b) Select “Hard Disk” device type :

Migrate LVM

c) Please choose “Use and existing virtual disk” :

Migrate LVM

d) Browse to vdisk location :

Migrate LVM

e) Click Next to proceed :

Migrate LVM

f) Click finish :

Migrate LVM

g) Finally click “OK” to complete :

Migrate LVM

2. Once the vdisk as been added to new Linux server, please proceed to rescan the linux VM.

a) Identify host bus number :

# ls /sys/class/scsi_host/
host0  host1  host2

b) Rescan the SCSI Bus to Add a SCSI Devices :

# echo "- - -" > /sys/class/scsi_host/host0/scan
# echo "- - -" > /sys/class/scsi_host/host1/scan
# echo "- - -" > /sys/class/scsi_host/host2/scan

3. Check the new disk. The second vdisk by default will be recognised as /dev/sdb. Since the partition type has been formatted as LVM on the previous system, it will show Id “8e” if you run fdisk command.

# fdisk -l
..
..

Disk /dev/sdb: 10.7 GB, 10737418240 bytes
255 heads, 63 sectors/track, 1305 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0xce931872

   Device Boot      Start         End      Blocks   Id  System
/dev/sdb1               1        1305    10482381   8e  Linux LVM

There are two method to register and activate the LVM and volume group into new linux server. Proceed to steps 4 – 9 for Method 1. Go to step 10 for Method 2.

4. Use lvscan to scans all known volume groups or all supported LVM block devices in the system for defined Logical Volumes. The output consists of one line for each Logical Volume indicating whether it is active or inactive :

# lvscan
  inactive          '/dev/vg_newlvm/newvol' [9.99 GiB] inherit
  ACTIVE            '/dev/vg_centos66/lv_root' [30.00 GiB] inherit
  ACTIVE            '/dev/vg_centos66/lv_swap' [8.00 GiB] inherit

5. Check existing volume group and logical volume:

# vgscan
  Reading all physical volumes.  This may take a while...
  Found volume group "vg_newlvm" using metadata type lvm2
  Found volume group "vg_centos66" using metadata type lvm2

One of the logical volume in “vg_newlvm” volume group still inactive status.

# lvscan
inactive '/dev/vg_newlvm/newvol' [9.99 GiB] inherit
ACTIVE '/dev/vg_centos66/lv_root' [17.51 GiB] inherit
ACTIVE '/dev/vg_centos66/lv_swap' [2.00 GiB] inherit

6. Export the volume group “vg_newlvm” :

# vgexport vg_newlvm
Volume group "vg_newlvm" successfully exported

7. Then import volume group “vg_newlvm”:

# vgimport vg_newlvm
Volume group "vg_newlvm" successfully imported

8. To activate volume groups “vg_newlvm”, run the following command :

# vgchange -ay vg_newlvm
1 logical volume(s) in volume group "vg_newlvm" now active

9. Check again updated logical volume and volume group status :

# lvscan
  ACTIVE            '/dev/vg_newlvm/newvol' [9.99 GiB] inherit
  ACTIVE            '/dev/vg_centos66/lv_root' [17.51 GiB] inherit
  ACTIVE            '/dev/vg_centos66/lv_swap' [2.00 GiB] inherit

Method 2 :

10. The fastest method to activate the migrated LVM or Volume Group are as below :

# lvscan
inactive '/dev/vg_newlvm/newvol' [9.99 GiB] inherit
ACTIVE '/dev/vg_centos66/lv_root' [17.51 GiB] inherit
ACTIVE '/dev/vg_centos66/lv_swap' [2.00 GiB] inherit

Use lvchange command to activate the LVM.

# lvchange -ay /dev/vg_newlvm/newvol
# lvscan
ACTIVE '/dev/vg_newlvm/newvol' [9.99 GiB] inherit
ACTIVE '/dev/vg_centos66/lv_root' [17.51 GiB] inherit
ACTIVE '/dev/vg_centos66/lv_swap' [2.00 GiB] inherit

11. Create /data folder :

# mkdir -p /data

12. Mount the migrated LVM to /data

# mount /dev/vg_newlvm/newvol /data

13. Verify /date to use migrated LVM :

# df -lh
Filesystem            Size  Used Avail Use% Mounted on
/dev/mapper/vg_centos66-lv_root
                       18G  5.2G   12G  32% /
tmpfs                 939M     0  939M   0% /dev/shm
/dev/sda1             477M   67M  385M  15% /boot
/dev/mapper/vg_newlvm-newvol
                      9.8G   32M  9.2G   1% /data

How to Change default runlevel in CentOS 7 / RHEL 7

Change default runlevelIn CentOS 7 and RHEL 7, the systemd process replaces the init process for starting services at boot time and also for changing the runlevels. It uses “targets” instead of run-levels and relies on systemctl command to change runlevel or to change the target.

The systemd provides much more control than the init process does while still supporting existing init scripts.

Take note that in RHEL 7 and CentOS 7, any edits of /etc/inittab file will not take effect.

The following articles describe how to change default runlevel in CentOS 7 / RHEL 7.

1. How to determine the state that the system currently configured to boot to :

# systemctl get-default

Example 1 :
If the system running on Non-GUI Mode, “systemctl get-default” command will return “multi-user.target” :

Method 1 :

[root@centos72 ~]# systemctl get-default
multi-user.target

Method 2 :

[root@centos72 ~]# ls -al /etc/systemd/system/default.target
lrwxrwxrwx. 1 root root 37 May 30  2015 default.target -> /lib/systemd/system/multi-user.target

Example 2 :
If the system running on GUI Mode, “systemctl get-default” command will return “graphical.target” :
Method 1 :

[root@centos72-gui ~]# systemctl get-default
graphical.target

Method 2 :

[root@centos72-gui ~]# ls -al /etc/systemd/system/default.target
lrwxrwxrwx. 1 root root 36 Jun  5  2015 /etc/systemd/system/default.target -> /lib/systemd/system/graphical.target

However, you can still use the runlevel command as it was left intact for backward compatibility:

[root@centos72 ~]# runlevel
N 3
[root@centos72-gui ~]# runlevel
N 5

In case you are required to change from your CentOS 7 from Non-GUI (text-based) mode to GNOME Desktop mode, you have to ensure the following group of packages has been installed properly :

a) Server with GUI (This is for server)
b) GNOME Desktop
c) Graphical Administration Tools

2. How to Install Gnome GUI in CentOS 7 :

# yum groupinstall "GNOME Desktop" "Graphical Administration Tools" "Server with GUI"

3. How to list all currently loaded and available targets :

# systemctl list-units -t target
UNIT                 LOAD   ACTIVE SUB    DESCRIPTION
basic.target         loaded active active Basic System
cryptsetup.target    loaded active active Encrypted Volumes
getty.target         loaded active active Login Prompts
graphical.target     loaded active active Graphical Interface
local-fs-pre.target  loaded active active Local File Systems (Pre)
local-fs.target      loaded active active Local File Systems
multi-user.target    loaded active active Multi-User System
network.target       loaded active active Network
paths.target         loaded active active Paths
remote-fs-pre.target loaded active active Remote File Systems (Pre)
remote-fs.target     loaded active active Remote File Systems
slices.target        loaded active active Slices
sockets.target       loaded active active Sockets
swap.target          loaded active active Swap
sysinit.target       loaded active active System Initialization
timers.target        loaded active active Timers

In below example, the following target are required to be laoded :

graphical.target     loaded active active Graphical Interface
multi-user.target    loaded active active Multi-User System

How to Change default runlevel

4. How to Change default runlevel from Non-GUI (text-based) mode to GNOME Desktop in CentOS 7 / RHEL 7

# systemctl set-default multi-user.target

5. How to Change default runlevel from GNOME Desktop to Non-GUI (text-based) mode in CentOS 7 / RHEL 7

# systemctl set-default graphical.target

Resource :
https://access.redhat.com/articles/754933