CentOS 8 is out! Time to build stuff with it.
First off, yes, technically it is past midnight so not really day 1, but I did start working on it yesterday.
So I am going to try and walk through configuring some servers and some hypervisors and other fun stuff and take note of CentOS 8 quirks, new features, whatever.
Anyway, first thing is first:
Installation
I didn’t go through everything in the installer, just the parts that I typically change. In this case, the host will be an IPA domain controller, and I am installing from a minimal ISO. Other than network, storage and user, there’s nothing else that I will do at this point.
Network
I don’t do much fancy stuff to the network during install. I turned on the first interface which I had already registered in DHCP/DNS. It appears to pick up its short hostname, dc1
, although this is not reflected in the Host Name field. I don’t remember if this is normal…
Time
By default we only have one entry here pointing to the CentOS NTP pool where I believe we used to have 4 entries for individual pool members. When I added my NTP server below, I wasn’t able to remove the default entry. I ended up making a redundant entries for my NTP server, exiting the config and then when I came back it had consolidated. Not a big deal, but a slightly annoying UX there.
Storage
I adhere to a modified version of the DISA STIG partitioning scheme. In this case, I have 3 256GB SSDs in RAID1. I allocate about 70GB of that and keep the rest open for snapshots. I’ll add /tmp
as a tmpfs partition later.
The BTRFS technology preview from 7 is gone of course (RIP). Surprisingly to me, XFS is still default despite Fedora using EXT4 for some time now. I changed all partitions to EXT4 to keep things consistent with other distros.
Also, I believe the default volume group name has changed. It is cl
with the hostname after it (if it has one), in my case it’s cl_dc1
. In an earlier failed attempt where network was down, it was just cl
.
User
No changes here, except that the UI is centered. Kind of surprising, the default UID is still 1000, despite Red Hat recommending that you set it to 5000 since at least RHEL 6.
I did get this error soon after selecting admin for my user, so hopefully I don’t end up with no sudo and no root password.
Anyway, installation is complete, so time to start initial config.
Initial Config
Well, it’s already a little weird. Looks like it thought it was localhost and then decided it should be dc1, maybe after network came up.
Ah, good I have sudo. No idea what that error was about.
And sshd is installed and running already, so I can abandon this infernal IPMI window with no copy/paste.
Let’s prep the system for snapshots.
# add GRUB to all disks in the mirror
cat /proc/mdstat #see what disks are mirrored
sudo grub2-install /dev/sda
sudo grub2-install /dev/sdb
sudo grub2-install /dev/sdc
# set up /tmp
sudo cp /etc/fstab /etc/fstab.default~
sudo printf "tmpfs\t\t/tmp\t\ttmpfs\t\trw,nosuid,size=8G\t\t0 0" >> /etc/fstab #got a permissions error on this for some reason... vi worked
sudo mount -a
# lvm stuff for snapshotting
sudo cp /etc/lvm/lvm.conf /etc/lvm/.lvm.conf.default~
sudo sed -i 's/snapshot_autoextend_threshold[[:space:]]=[[:space:]]100/snapshot_autoextend_threshold = 50/g' /etc/lvm/lvm.conf
sudo sed -i 's/thin_pool_autoextend_threshold[[:space:]]=[[:space:]]100/thin_pool_autoextend_threshold = 50/g' /etc/lvm/lvm.conf
# os partitions
sudo lvchange --addtag "local" --addtag "os" --addtag "root" cl_dc1/root
sudo lvchange --addtag "local" --addtag "os" --addtag "var" cl_dc1/var
# log partitions
sudo lvchange --addtag "local" --addtag "log" --addtag "var_log" cl_dc1/var_log
sudo lvchange --addtag "local" --addtag "log" --addtag "var_log_audit" cl_dc1/var_log_audit
# user storage
sudo lvchange --addtag "local" --addtag "user" --addtag "home" ccl_dc1/home
# swap
sudo lvchange --addtag "local" --addtag "swap" cl_dc1/swap
# need yum-utils for preserving kernel with OS snapshot
sudo yum check-update
sudo yum -y install yum-utils
# take initial snapshot of root and var
TIMESTAMP="$(date +"%Y-%m-%d-%H-%M-%S")"
KERNEL="$(uname -r)"
sudo lvcreate --snapshot --extents 50%ORIGIN --addtag "root" --addtag "${TIMESTAMP}" --name "root_${TIMESTAMP}" cl_dc1/root
sudo lvcreate --snapshot --extents 50%ORIGIN --addtag "var" --addtag "${TIMESTAMP}" --name "var_${TIMESTAMP}" cl_dc1/var
sudo lvchange --addtag "local" --addtag "os" --addtag "${KERNEL}" "@${TIMESTAMP}"
# preserve current kernel
sudo yumdb set installonly keep kernel-"${KERNEL}"
And I got this far when I realized something was very wrong…
[vortex@dc1 ~]$ uname -r
3.10.0-862.el7.x86_64
[vortex@dc1 ~]$ cat /etc/issue
\S
Kernel \r on an \m
[vortex@dc1 ~]$ cat /etc/os-release
NAME="CentOS Linux"
VERSION="7 (Core)"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="7"
PRETTY_NAME="CentOS Linux 7 (Core)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:7"
HOME_URL="https://www.centos.org/"
BUG_REPORT_URL="https://bugs.centos.org/"
CENTOS_MANTISBT_PROJECT="CentOS-7"
CENTOS_MANTISBT_PROJECT_VERSION="7"
REDHAT_SUPPORT_PRODUCT="centos"
REDHAT_SUPPORT_PRODUCT_VERSION="7"
So… the minimal CentOS 8 ISO which I downloaded from the Columbia University mirror and confirmed the checksum against CentOS wiki page has apparently installed CentOS 7…