Tuesday, August 23, 2011

Secure WEb-Console and JMX-Console in Jboss

Hi All,
            Here I am posting my first video on How to Secure web-console and jmx-console in JBOSS 5.1GA.





!Enjoy
Feel free to comment...

Setting PXE Network Boot Server in Linux

Dear All,
               Here I am showing you another way to configure PXE Network Boot Server on Linux. I have shown this in my previous post PXE(Preboot eXecution Environment) Installation and Configuration . This will be really helpful when you have no CD/DVD Drive in your Client System.

Requirements : You will need following thing to be configure for this...
  • A DHCP server
  • A TFTP server (tftpd-hpa)
  • vmlinuz and initrd.img from your distribution of choice
  • The PXELINUX.0 boot loader and a suitable config file
  • Network installation Server that may be NFS, FTP, or HTTP. Here I am using ftp server. 
  • system-config-netboot package for pxeos commands.
Note : My server IP -- 192.168.2.199

1.) Install the TFTP server:
Ensure you use the tftpd-hpa package, as PXELINUX requires that the boot server has a TFTP server which supports the “tsize” TFTP option. If you don’t use tftpd-hpa you will most likely see an error such as ‘TFTP server does not support the tsize option’.
              You can make use of yum or can download it from net. I am showing you comtents of "/etc/xinetd.d/tftp" here
[root@server199 ~]# cat /etc/xinetd.d/tftp
# default: off
# description: The tftp server serves files using the trivial file transfer \
#       protocol.  The tftp protocol is often used to boot diskless \
#       workstations, download configuration files to network-aware printers, \
#       and to start the installation process for some operating systems.
service tftp
{
        socket_type             = dgram
        protocol                = udp
        wait                    = yes
        user                    = root
        server                  = /usr/sbin/in.tftpd
        server_args        = -s /tftpboot   [-- my Dir where I have configure ftp Server]
        disable                 = no
        per_source              = 11
        cps                     = 100 2
        flags                   = IPv4
}



2.) Install and configure dhcp server:
                        I am not going in detail of dhcp server just showing you contents of dhcpd.conf file.


[root@server199 ~]# cat /etc/dhcpd.conf
ddns-update-style interim;
ignore client-updates;

allow booting;
allow bootp;
class "pxeclients" {
      match if substring(option vendor-class-identifier, 0, 9) = "PXEClient";
      next-server 192.168.2.199;
      filename "linux-install/pxelinux.0";
}


subnet 192.168.2.0 netmask 255.255.255.0 {

# --- default gateway
        option routers                  192.168.2.1;
        option subnet-mask              255.255.255.0;

#       option nis-domain               "domain.org";
#        option domain-name             "xalted.org";
        option domain-name-servers      192.168.0.1;

        option time-offset              -18000; # Eastern Standard Time
#       option ntp-servers              192.168.1.1;
#       option netbios-name-servers     192.168.1.1;
# --- Selects point-to-point node (default is hybrid). Don't change this unless
# -- you understand Netbios very well
#       option netbios-node-type 2;

        range dynamic-bootp 192.168.2.10 192.168.2.197;
        default-lease-time 21600;
        max-lease-time 43200;

       
}

3.) Setting up PXELINUX:
                    
PXELINUX is a SYSLINUX derivative, for booting Linux off a network server. Essentially, it is used to load a linux kernel of your choice on to your machine. You specify which kernel to load in a config file. You can download the latest pxelinux.0 file from kernel.org. You will need to extract it from the syslinux archive .
You are going to be creating a folder structure that will eventually look like this:


[root@server199 /]# mkdir -p /tftpboot/linux-install/
[root@server199 /]# mkdir -p /tftpboot/linux-install/pxelinux.cfg
[root@server199 /]# touch /tftpboot/linux-install/pxelinux.cfg/default
[root@server199 /]# mkdir -p /tftpboot/linux-install/distros
[root@server199 /]# mkdir -p /tftpboot/linux-install/distros/centos5.6
[root@server199 /]# vi /tftpboot/linux-install/pxelinux.cfg/default
[root@server199 pxelinux.cfg]# cat default
default local
timeout 100
prompt 1
display msgs/boot.msg
F1 msgs/boot.msg
F2 msgs/general.msg
F3 msgs/expert.msg
F4 msgs/param.msg
F5 msgs/rescue.msg
F7 msgs/snake.msg

label 0
  localboot 1

label 1
  kernel centos/vmlinuz
  append initrd=centos/initrd.img ramdisk_size=8419 method=ftp://192.168.2.199/centos5.6 ip=dhcp
[root@server199 pxelinux.cfg]#
[root@server199 pxelinux.cfg]#
[root@server199 pxelinux.cfg]# cat /tftpboot/linux-install/menu.msg

                          .-=-.          .--.
              __        .'     '.       /  " )
      _     .'  '.     /   .-.   \     /  .-'0c\0a
     ( \   / .-.  \   /   /   \   \   /  /    0c^0a
      \ `-` /   \  `-'   /     \   `-`  /
       `-.-`     '.____.'       `.____.'
07
                                       _
  __ _ _ __   __ _  ___ ___  _ __   __| | __ _
 / _` | '_ \ / _` |/ __/ _ \| '_ \ / _` |/ _` |
| (_| | | | | (_| | (_| (_) | | | | (_| | (_| |
 \__,_|_| |_|\__,_|\___\___/|_| |_|\__,_|\__,_|

07

Choose one of the following labels in order to boot:
- linux (localboot)
- centos5.6

[root@server199 ~]# tree -d /tftpboot/
/tftpboot/  -----------Manual Created
`-- linux-install----------Manual Created
    |-- centos-----------
    |-- distros----------        Manual Created
    |   `-- centos5.6  ....Manual Created
    |       |-- CentOS
    |       |-- NOTES
    |       |-- images
    |       |   |-- pxeboot
    |       |   `-- xen
    |       |-- isolinux
    |       `-- repodata
    |-- msgs  ------------ Manual Created
    `-- pxelinux.cfg   --------  Manual Created

13 directories
[root@server199 linux-install]# tree msgs/
msgs/   --- Manual Created
`-- boot.msg   ---- Manual Created

0 directories, 1 file
[root@server199 linux-install]# pwd
/tftpboot/linux-install
[root@server199 linux-install]# ll
total 48
drwxr-xr-x 2 root root  4096 Aug 22 12:42 centos
drwxr-xr-x 3 root root  4096 Aug 22 11:36 distros
-rw-r--r-- 1 root root   620 Aug 22 11:41 menu.msg   
drwxr-xr-x 2 root root  4096 Aug 22 12:45 msgs
-rw-r--r-- 1 root root 26442 Aug 22 11:45 pxelinux.0
drwxr-xr-x 2 root root  4096 Aug 23 12:44 pxelinux.cfg
[root@server199 linux-install]#

4.) Setting up ftp Server :
                             Finally Setup ftp server. You can install vsftpd using yum or can download from net. I am just showing you my vsftpd.conf file.


[root@server199 ~]# cat /etc/vsftpd/vsftpd.conf
anonymous_enable=YES
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
listen=YES
pam_service_name=vsftpd
userlist_enable=NO
tcp_wrappers=YES
vsftpd_log_file=/var/log/vsftpd.log
# Allow anonymous FTP?
anon_max_rate=0
anon_mkdir_write_enable=NO
anon_root=/tftpboot/linux-install/distros
anon_world_readable_only=YES
anon_umask=0022
anon_upload_enable=NO
anon_other_write_enable=NO
no_anon_password=NO
userlist_deny=NO







Now copy the Centos5.6 DVD to location "/tftpboot/linux-install/distros".
[root@server199 distros]# ll
total 4 drwxr-xr-x 7 root root 4096 Aug 22 12:03 centos5.6
[root@server199 distros]# cd centos5.6/
[root@server199 centos5.6]# ls
CentOS      NOTES                  RELEASE-NOTES-en.html     RELEASE-NOTES-fr.html  RELEASE-NOTES-pt_BR.html  TRANS.TBL
EULA        RELEASE-NOTES-cs       RELEASE-NOTES-en_US       RELEASE-NOTES-ja       RELEASE-NOTES-ro          vmlinuz
GPL         RELEASE-NOTES-cs.html  RELEASE-NOTES-en_US.html  RELEASE-NOTES-ja.html  RELEASE-NOTES-ro.html
images      RELEASE-NOTES-de       RELEASE-NOTES-es          RELEASE-NOTES-nl       repodata
initrd.img  RELEASE-NOTES-de.html  RELEASE-NOTES-es.html     RELEASE-NOTES-nl.html  RPM-GPG-KEY-beta
isolinux    RELEASE-NOTES-en       RELEASE-NOTES-fr          RELEASE-NOTES-pt_BR    RPM-GPG-KEY-CentOS-5




Finally restart the following services:

[root@server199 linux-install]# /etc/init.d/xinetd restart
Stopping xinetd:                                           [  OK  ]
Starting xinetd:                                           [  OK  ]
[root@server199 linux-install]# /etc/init.d/vsftpd restart
Shutting down vsftpd:                                      [  OK  ]
Starting vsftpd for vsftpd:                                [  OK  ]
[root@server199 linux-install]# /etc/init.d/dhcpd restart
Shutting down dhcpd:                                       [  OK  ]
Starting dhcpd:                                            [  OK  ]
[root@server199 linux-install]#

Last Step add "pxeos"  entry by issuing following command:

[root@server199 linux-install]# pxeos -a -i "Centos5.6" -p FTP -D 0 -s 192.168.2.199 -L /centos5.6/ centos
[root@server199 linux-install]#


and then test it from client by changing boot order of client system and make PXE Boot as First boot device.

!Enjoy 
Feel free to comment....



Integrate Jenkins with Azure Key Vault

Jenkins has been one of the most used CI/CD tools. For every tool which we are using in our daily life, it becomes really challenges when ...