EX294 Red Hat Certified Engineer RHCE – Setting Up LAB Environment

  • By
  • January 19, 2023
0 Comment

1. LAB Setup details

Hello, welcome to this section. In this section we will prepare lab setup environment for this course. First of all we’ll discuss about lab setup details. We will use five CentOS eight VMs installed using Oracle VirtualBox. I am using windows machine as host machine and I have VirtualBox installed on it it in case you don’t have install VirtualBox. Next we’ll install one Linux machine with GUI with graphical user interface with workstation as software selection and other four VMs will be installed with minimum install option. Note to use enough resources of your host machine which is practical approach in case you don’t have enough resources available on your host machine. Minimum of 8GB of Ram is needed on host machine. 16GB of Ram is preferred on managed nodes.

Will leave some disk space free to add new partitions as a part of different tasks we will be doing during this course. This table displays information about different VMs we are going to use in our lab setup. We’ll install ansible desk VM with graphical user interface with workstation as software selection. We can also use server with GUI option. We’ll install ansible control node on this VM. Rest four VMs will be installed with minimum install option and they will be acting as managed hosts. I will be using two plus gigabytes of Ram for ansible C VM.

For rest I will use one 5GB of Ram. In case you don’t have enough resources, you can use one 5GB of Ram for ansible dash CVM and for Rest VMs you can use 800 MAB. This should work perfectly fine. Of course machines will be slow. Next hard disk I will assign 25GB of hard disk to ensure CVM. For Rest, I will assign 30GB of hard disk space. Next we have hostname and IP address details for these VMs. We’ll assign these host names to respective VMs. Also we need to configure IP view for addresses on Ethernet interfaces.

On respective VMs, we are using 192, 168, 99, 24 network to connect all these machines on internal network on VirtualBox, we’ll install ancillary CVM using auto partitioning scheme. On managed node VMs will configure manual partitions. Because we have to keep some space free, we’ll use custom partitioning and we’ll leave some disk space free for practical tasks about disk management. For boot file system, I will use 300 MAB. For home file system, I will use 10GB of disk space. For root, I will use 12GB of disk space. With this disk space allocation, we’ll have seven to 71gb of free disk space on all managed nodes. This is all about this lecture. In next lecture we’ll set up VMs and we’ll connect them on internal network on VirtualBox.

2. Setting Up VM’s and putting them on Internal Network.

In this lecture we’ll set up different VMs as described in previous lecture. This is how our lab setup will look alike. Finally, this is ansible CVM where we will install ansible control node. We will assign 192 dot 168. Dot 99 dot 124 IP address on ethernet interface on on this VM these are managed nodes VMs will assign 192 168 99 1024 IP address on ethernet interface on Mhost one. In similar way we’ll assign or configure IPV four address 24 on Amhost two, m host three and Mhost four respectively. Now we’ll move ahead to set up these machines on VirtualBox and connect them on internal network to make them physically reachable. Here I have Oracle VM VirtualBox Manager open. I already installed two VMs and Sibel dashc with graphical user interface and I’m host one with minimum install option with configurations. As we discussed already, because you are Rscsa and I assume you know how to install VMs. So I did. Note waste time explaining all the steps.

We still need three more VMs Mhost two, M host three, and M host four. For this, I will clone M host one three times. But before doing that. First of all, I will connect these two VMs on internal network on VirtualBox to make them physically reachable to each other. Also, we will verify boot order. Hard disk must be on the top in the boot order. List. So I will start with ansible CVM. We’ll right click here we’ll hit settings and here I will hit system tab. So here is the boot order. So here we can see hard disk is already on the top. You don’t need to do anything in case you need to change the order, you can select you can use up, down arrow keys to make the changes.

Now, I will hit network tab. So here we need to use internal network we’ll use internal network we’ll use name and sybil so this is already filled in we’ll hit OK to make these changes we have done now we’ll do the same thing for M host one we’ll go to system. And here we need to put the hard disk on the top. We’ll select hard disk and move hard disk on the top so that system will boot with the installed hard disk on the network tab. Again, we need to select internal network. And here an Siebel appears by default. I will press OK. Now, both these VMs are physical, accessible from each other from VirtualBox point of view. Now, we need to create three more VMs for this. Having already set, we’ll clone am host one three times. I will right click here. Hit clone. Change the name to M. Host two clone type is full clone snapshots current machine state keep all these things like this.

Only hit clone. Now we have Mhost two. Now we can clone any of these two VMs because they are same. We need ultimately four VMs. Now we need one more. This time I will clone Am host three because this does not make any difference. Now we have four managed hosts and one ansible CVM. Will verify settings of these VMs. Right click settings will verify boot order. We have hard disk on the top. In the network we have internal network ansible network adapter must be enabled so it would be same as that of Amhost One because we just cloned these VMs from Amhost One. Just to make sure everything is fine. Just verify settings so everything seems okay. Now, next step is to configure IPV four addresses and assigning host names to the VMs. So I will start these VMs. Then in next lecture we’ll move to the next step of configuring IPV four addresses and assigning host names.

3. Configuring IPv4 address and assigning hostname

All the VMs are started and they are in running state. Now we’ll proceed further to configure IPV four addresses and assigning host names to different VMs I’m on NCB CVM. I will start with this VM. First we’ll use Nmtui utility for this task which is nmcli text user interface. First of all I will switch user to root. Now, here I will type nmtui. This window will appear. So we need to edit a connection. I will hit enter. Here, ethernet interface or device is already selected. Interface name is ENP zero s three you might have different interface name. For example ETH Zero which is traditional Ethernet interface naming scheme. Now we can move around with the help of Tab. We’ll hit Tab, we need to edit connection. I will hit enter here. Here again with the help of Tab we’ll move around. We need to configure IPV four addressing. So here I will hit enter. We need to change this to Manual for static IPV four addressing. Make sure you are changing this to manual. So here we’ll hit on show.

Then again with the help of Tab we’ll move and we’ll hit on add. Here we need to type IPV four address. We need to set 192, 106, 899124 we don’t need to configure gateway DNS server. We’ll move around with the help of Tab. So here this is important. So normally this is note selected. You must select this with the help of space bar. So this x sign means this is selected. So automatically connect means connection will be activated during system startup or during system boot. This is equal to own. Boot is equal to yes. So in case you forget to select this, your connection will not be activated after reboot. So make sure this is selected. Now again with the help of Tab we’ll move and we’ll hit Enter on OK.

Now next we’ll again use Tab. We’ll move back, we’ll activate connection. We’ll hit tab. We need to activate. We’ll hit enter. No connection has been activated. Here, asterisk sign indicates connection is activated. Now we’ll use Tab on back we’ll hit Enter. Now we need to set hostname. Here we’ll type Hostname which is ancible C dot example. We’ll hit OK again. Okay, we’ll move down on Quit and hit Enter to quit. Now we can see IP address has been assigned on Ethernet interface ENP zero f three we can verify hostname with the hostname command or we can just exit and again switch user to root. So here we can see hostname has been correctly set.

Now we are on Mhost one. We’ll login as root to configure IPV for address and assign hostname. We’ll use Nmtui. Again. We’ll hit enter. Interface name is already selected. We’ll move around with the help of Tab, we’ll edit connection. So here on IPV for configuration, we need to change this to Manual. Then tab show. Tab add. So here we need to type IPV for address. We need to set 192, 168 dot 99 1024 we’ll move with the help of Tab. And here this is very important. Automatically connect with the help of spacebar. We’ll select this. Don’t hit enter. We need to use spacebar to select this option. Okay, now we’ll move around with the help of Tab back. We need to activate connection. So connection is already in active state. We’ll move back. Now we need to set system hostname. So here we need to set M host one. Dot example. com is set. We’ll move down on quit.

Will quit. I will clear the screen. I will type IPA. So here we can see IP address 192 dot 168 dot 99 dot 1024 has been set. We can display hostname as well. Now I will ping 192 dot 168, dot 99 dot one, which is IP address assigned to an Siebel dash CVM. So we are able to reach. So in similar way. I will set IP address and hostname on Mhost two, M host three and M host four VMs. I will do this offline. Finally, IP address configurations have been completed on each node and hostname has been set on each node. Now I am on ancible C VM.

We’ll verify connectivity from this VM to all other VMs. We’ll perform ping test. Ping 192, 168, 99 ten, which is IP address assigned to am a host one. So this is reachable. Now we’ll try dot 20. This is IP address assigned to Mhost two. It’s working fine. Dot 30 it’s working. And last dot 40 for Mhost four. It’s also working. Now we have connectivity between all the VMs. So we can also verify from other VMs to this VM between different VMs. So everything is fine. In next lecture we’ll configure host file on ancient CVM to resolve different host names locally.

4. Configuring hosts file for local name resolution

In this lecture, we’ll configure host file on ansible to resolve host names of different hosts locally. We don’t need to set up separate DNS server for same because same functionality can be available using host file. We know what we need to do for this task. We’ll open host file using Vim Editor in editing mode. Then we’ll make entry. One entry for each host. M host one, m host two, m host three and m host four. First field is IP address, then tab hostname, then short hostname. After making all the entries, we write and quit to verify the functionality, we’ll execute get an host. Then we’ll provide hostname so IP address should be returned back later on. In this course, we’ll configure managed host to provide local host name resolution. But we’ll do this section using ensible command line or using ensible Playbook. This is very important task from exam point of view. We’ll discuss more on this later on.

Now let’s move to the system and start doing this task. Now VR on ensable DESC host don’t get confused between VM name and Hostname. Because I kept them same, they can be different. Here. I’m referring Hostname. We can verify hostname using hostname command or you can use hostname CTL. Now we’ll start configuring host file for local hostname resolution. We need to switch user to root because this section can be done as root user. Now we’ll open host file using Vim Editor.

And here we already have entries for localhost. I will move down with arrow key and here I will change to command mode using escape then press So to open new line. Here I will type IP address for M host 1192, dot 168 dot 99 dot ten tab hostname Mhost, one dot example. com tab short hostname. Now we’ll make same entry for M host two, M host three, and M host 419-2168 dot 99 dot 20 tab M host two, dot. Example. com 192 dot 168 dot 99 dot 30 M host three, dot example. com amhost 3192, double dot 168. I’m using double dot here to show you what happens when you make mistake. Here Mhost four dot example. com m host four so this is all we need to do. I will change to command mode, colon write quit. This is all we need to do.

Now we’ll verify functionality using get and Host. Get and Host I will type hostname for m host one. So we have IP address returned back. So this is called forward. DNS, lookup. Similarly, you can perform reverse DNS lookup. For this, we’ll type or we’ll provide IP address as input. 192 168 dot 99 ten so now we have hostname in the result. So this is working perfectly fine. Output is same in both cases, but we have result in both cases. So it means we have correct mapping. Now I will execute same command for m host four for which we made one mistake. We don’t have any output. So this is just to show you in case you make some mistake in the host file, you may have same issue. You will have same issue. I will fix it. Not span in similar way I will verify four M host three and four M host four. So everything is fine. This is all about this lecture in next lecture we’ll install Mcbell.

5. Installing Ansible

In this lecture we’ll learn how we can install ansible control node on rel and send us ansible package is available through EPIL repository. EPIL repository provides extra packages for enterprise Linux. So first we need to install EPIL release package to make epel repository available. So it means even if you have local repository configured on your system, you will not find ansible package in default repositories on rail and send to s. This package can be available by using epel repository. To use epel repository we must install epel release package which contains all the required info to use epel repository. But for this we must connect VM to internet. We’ll add one breach interface to connect VM to internet to use online repository and after we’ll install epilrelease package after package is installed ansible package will become available and will install ansible on the exam you will not have internet connection so you don’t need to worry. They must provide you with the required package to be installed. You just need to install package using DNF or rpm. So to install ensible we’ll follow these steps. First we install epel release package using DNF install epel release then we’ll verify if ensible package is available. Now we’ll execute DNF provides ansible. Then we’ll install ansible using DNF install ansible we’ll verify ansible version after it has been installed. At this time ansible version two nine is the latest and by default ansible version two nine will be installed. However, for the exam we need to use ansible engine two eight. We’ll install ansible two eight later before starting practical tasks in next section we’ll discuss about different components of ansible and we will be using ansible two dot nine for the same because this does not make any difference from exam point of view. However we’ll practice all the tasks on ansible engine two eight only just to make sure we are doing all the tasks on the exam version. Now let’s move to the system and start installing ensible. Now we are on ansible host.

We must connect this host or this VM to internet to use only repository. For this we need to power off this VM. I will power off this VM. So now VM is powered off. Now we need to add one more interface to this VM. We right click here, hit settings down on network tab and here we have one adapter already configured and this adapter is used to connect to all other VMs on the network on internal network. To add one more adapter we’ll hit here on tab two will enable network adapter. If this is not enabled then go scroll down and select breach adapter. So this adapter will bridge directly to your WiFi router and provide internet connectivity. Now after the VM is powered on we’ll have two interfaces. One interface connected to internal network and other interface will provide internet connectivity. I will pause the video until machine is started. Now finally VM is running now we’ll verify new interface with command IP a or IP space address space show. So here we can see one more interface has been added. So here IP is assigned automatically. So this IP is to provide Internet connectivity. We already assigned this IP to provide connectivity on internal network. Now we’ll just verify if connectivity is still working fine. I will ping 192 dot 168, dot 99, dot ten. This is M host one. This is working fine. I will clear the screen. Will check for dot 20 IP m host two. This is fine.

Now to check Internet connectivity, I will ping Google DNS eight dota eight dotate dotate here we did mistake accidentally. I will provide complete IP. Now we can see internet connectivity is working fine. Now I will switch user to root. Now I will execute command DNF rapport list to display available repositories. Now, as we discussed already, we need to install Epel release package. For this we’ll execute DNF install epel release. So after this package is installed, epel repository will be available. But before installing this package, I will just press no, I aborted this operation to show you something. We’ll execute DNF provides ansible no matches found. So ansible package is not available in standard for the default repositories. So that’s why we need to install Epel release package to make Epel repository available. Now we will install this. Now again I will execute same command. This time we can see extra packages for enterprise Linux are available. It can take some time. So here we can see now ansible package is available, ansible version 2913 and so on is available.

So we’ll install this latest version using DNF install and sibal. So it will install ten packages. It will take few seconds. So we need to provide second time. Why? Because this was for GNU Privacy Guard Check to make sure package is authenticated, it’s not corrupt or something wrong. I will pause the video until this is installed. So finally ansible is installed.

Now I’ll verify ansible version using ansible version. So here we can see this is ansible version 2913. This is ansible config file which is present on this specific path forward, slash, etc ansible. And this is ansible config file name ansible dot CFG config file name should be always ansible dot CFG. Then we have more information about ansible Python module location. And we have executed table location forensible and Python version used. Now to use ensible we must have inventory defined. Also we must have SSH key authentication set up between ansible C and other managed hosts. In next lecture we’ll set up SSH key authentication for rules.

6. Setting up SSH keys relationship for root user

This lecture will set up SSH key authentication for root user. We know before using ansible to manage remote host we need to set up SSH key authentication between ansible control node which is ansible C host and all other VMs. We need to manage using ansible because we cannot provide SSH connection password each time when ansible will ask for this. And this is note objective behind using ansible. Ansible is used for automation so we don’t need to do any manual task such as providing passwords. So for this we’ll configure password less login between ansible control node and all the managed host.

In this scenario, ansible CVM or ansible Chost will be acting as SSH client and all the managed host will be acting as SSH server. We know sshdaemon comes preinstalled started and enabled on every Linux machine so we don’t need to take care of this part. Now what we need to do will generate SSH keys for root user on ansible C host using SSH tzen with dash t type of algorithm. To use we’ll use RSA DSA is deprecated on relate. Then by using for loop or for iteration we’ll copy public key to all the managed host using SSH copy ID command line. We can also do it one by one by using SSH copy ID. Now let’s move to the system and start doing this task.

Now we are on ansible C host and I am logged in as root user. First of all we’ll generate SSH keys for root user. For this we’ll use SSH keen t for type RSA. For algorithm we’ll press enter file in which to save the key we’ll keep it as default. We are not entering any passphrase, so we have done. Now we need to copy public key to all the managed hosts. First of all I will navigate to dot SSH directory. I will list the contents. So here we can see this is private key ID underscore RSA and this is public key novel copy public key ID underscore RSA pub to all the managed host.

For this I will use for iteration for hosting 1234 do we use SSH copy ID amhost dollar host dollar host will be replaced by one, two, three and four in different iterations. Done? Yes. Here we need to provide password. Are you sure you want to continue connecting? Yes after you provide? Yes. This will add this host in known host file and will proceed further to connect. Here we need to provide password again we need to repeat this for each host. So we have done. I will create the screen to verify password less connection. I will type SSH amhost one we are connected. I will type hostname to be sure. Now we are connected to amhost one. We did not provide any password.

We’ll verify SSH amhost four. It’s working fine. So now we have lab setup completed and we have also SSH key authentication setup for root user. Before we use ansible, we must set up inventory file. So now we’ll move ahead with the next section where we’ll discuss about core components of ansible. And also we’ll learn how we can set up inventory file. This is all about this section.

Comments
* The most recent comment are at the top

Interesting posts

The Growing Demand for IT Certifications in the Fintech Industry

The fintech industry is experiencing an unprecedented boom, driven by the relentless pace of technological innovation and the increasing integration of financial services with digital platforms. As the lines between finance and technology blur, the need for highly skilled professionals who can navigate both worlds is greater than ever. One of the most effective ways… Read More »

CompTIA Security+ vs. CEH: Entry-Level Cybersecurity Certifications Compared

In today’s digital world, cybersecurity is no longer just a technical concern; it’s a critical business priority. With cyber threats evolving rapidly, organizations of all sizes are seeking skilled professionals to protect their digital assets. For those looking to break into the cybersecurity field, earning a certification is a great way to validate your skills… Read More »

The Evolving Role of ITIL: What’s New in ITIL 4 Managing Professional Transition Exam?

If you’ve been in the IT service management (ITSM) world for a while, you’ve probably heard of ITIL – the framework that’s been guiding IT professionals in delivering high-quality services for decades. The Information Technology Infrastructure Library (ITIL) has evolved significantly over the years, and its latest iteration, ITIL 4, marks a substantial shift in… Read More »

SASE and Zero Trust: How New Security Architectures are Shaping Cisco’s CyberOps Certification

As cybersecurity threats become increasingly sophisticated and pervasive, traditional security models are proving inadequate for today’s complex digital environments. To address these challenges, modern security frameworks such as SASE (Secure Access Service Edge) and Zero Trust are revolutionizing how organizations protect their networks and data. Recognizing the shift towards these advanced security architectures, Cisco has… Read More »

CompTIA’s CASP+ (CAS-004) Gets Tougher: What’s New in Advanced Security Practitioner Certification?

The cybersecurity landscape is constantly evolving, and with it, the certifications that validate the expertise of security professionals must adapt to address new challenges and technologies. CompTIA’s CASP+ (CompTIA Advanced Security Practitioner) certification has long been a hallmark of advanced knowledge in cybersecurity, distinguishing those who are capable of designing, implementing, and managing enterprise-level security… Read More »

Azure DevOps Engineer Expert Certification: What’s Changed in the New AZ-400 Exam Blueprint?

The cloud landscape is evolving at a breakneck pace, and with it, the certifications that validate an IT professional’s skills. One such certification is the Microsoft Certified: DevOps Engineer Expert, which is validated through the AZ-400 exam. This exam has undergone significant changes to reflect the latest trends, tools, and methodologies in the DevOps world.… Read More »

img