https://www.openshift.com/blog/introduction-to-the-openshift-4-logging-stack
Enhanced Platform Awareness in Red Hat OpenShift
Four part series published on Medium.com
Enhanced Platform Awareness (EPA) in OpenShift — Part I, HugePages
Enhanced Platform Awareness (EPA) in OpenShift — Part II, CPU pinning
Enhanced Platform Awareness (EPA) in OpenShift — Part III, NUMA Topology Awareness
Enhanced Platform Awareness (EPA) in OpenShift — Part IV, SR-IOV, DPDK and RDMA
OpenShift Cheat Sheet
Installing RHEL 8.1 on Dell R710/R610 with H700 Raid Controller
Introduction
A large number of storage controller drivers have been removed from RHEL 8.x, which means that the Dell R710/R610 with the H700 RAID controller, no longer supports RHEL 8.x natively. While this fact is unfortunate for a lot of hobbyists with their own homelabs, you can still install RHEL 8.x on these machines with the use of a driver update disk (DUD).
Setup
Using the link below, navigate and download the deprecated drivers.
https://elrepo.org/linux/dud/el8/x86_64
For Dell the R710/R10, you are specifically looking for the megaraid_sas drivers. See output below from R610.
# dmesg | grep raid
[ 1.402339] megaraid_sas 0000:03:00.0: FW now in Ready state
[ 1.402346] megaraid_sas 0000:03:00.0: 64 bit DMA mask and 32 bit consistent mask
[ 1.402571] megaraid_sas 0000:03:00.0: irq 34 for MSI/MSI-X
[ 1.402593] megaraid_sas 0000:03:00.0: firmware supports msix : (0)
The specific DUD iso that you need for RHEL 8.1 is shown below.
https://elrepo.org/linux/dud/el8/x86_64/dd-megaraid_sas-07.707.51.00-1.el8_1.elrepo.iso
Installation
The install process is as follows.
- Download RHEL 8.x media and burn to dvd or usb drive
- Download deprecated drivers in iso format and burn to usb drive
- Boot with both RHEL 8.x media and DUD mounted
- The installer should detect the DUD iso and install the proper drivers
Special Note: In my testing (3 systems) the DUD was not automatically detected by Anaconda. I suggest using the method below.
Troubleshooting
When you burn your DUD a usb stick, that the usb drive’s volume label is OEMDRV. This was the default when I burned the iso. The RHEL installer (anaconda) will look for this label on any and all available disks and should automatically recognize the DUD and mount the usb drive.
However, if this does not occur during the install process, and the installer still does not see your disks, you may need to reboot and this time interrupt the installer with the TAB key and append the following to your boot options.
inst.dd=/dev/sdb1
On my system, the DUD was /dev/sdb1 and the RHEL 8.1 install media was /dev/sda.
Resources:
https://access.redhat.com/discussions/3722151
https://elrepo.org/linux/dud/el8/x86_64
Red Hat: Identity Management Server Setup and HA on RHEL 7
Introduction
Red Hat Identity Management Server provides is a centralized identity management server for Linux, Mac, Windows.
In this post we are going to setup and configure a HA deployment of Red Hat IDM on two RHEL 7.x servers.
Red Hat Identity Management Server is based on the upstream project, FreeIPA.
Prerequisites
Only a couple of prerequisites for a simple lab setup
- You need working dns with forward and reverse entries for both IDM servers
- NSCD needs to be disabled on each IDM server
- Proper hostname needs to be set on each IDM node (cannot use localhost)
- IPV6 needs to be enabled, but you do not need to have an IPV6 address on external interfaces
OpenSCAP Part 4: Integration with Red Hat Satellite 6.5
Introduction
This is the 4th installment of a series of posts focusing on OpenSCAP. Previous posts in this series can be found below.
OpenSCAP Part 1: Introduction and Basic Usage for RHEL 7/CentOS 7/Fedora
OpenSCAP Part 2: SCAP Content for RHEL 7
OpenSCAP Part 3: Running Scans from the Command Line in RHEL 7
This time around we are going to work on integrating OpenSCAP functionality into Red Hat Satellite 6.5
Installing SCAP Content on Satellite Server
SSH into your satellite server and run the command below as root.
# foreman-rake foreman_openscap:bulk_upload:default
By default only a few content files are added.
Installing Additional SCAP Content
This can be done via the UI (and possibly via the CLI, however I have not attempted this).
In this example I have already downloaded RHEL 8 content from here.
Log into the Satellite UI, and navigate to “Hosts” > “SCAP content”
Select “Upload New SCAP Content”
And select Choose File to select a file from your local machine.
OpenSCAP Part 3: Running Scans from the Command Line in RHEL 7
Introduction
In part 1 of this series we were introduced to OpenSCAP and the process of running scans via the SCAP workbench. In part 2, we explored concepts and components that define security/vulnerability scans. In this 3rd post we are going to dive into the command line operation.
Let’s get started with oscap.
Installing oscap
In RHEL 7 oscap can be installed with the following command
# yum -y install scap-security-guide openscap-scanner
Content is installed under the following directory. Note that ssg is short for SCAP Security Guide.
/usr/share/xml/scap/ssg/content
Lets change directories to the one listed above and view the installed files.
Using oscap we can view more info on each file shown above. In this example we are going to inspect the ssg-rhel7-ds.xml file.
# oscap info ssg-rhel7-ds.xml