CentOS 8 Week 1 (WIP)

oO.o · September 25, 2019, 5:38am

CentOS 8 is out! Time to build stuff with it.

First off, yes, technically it is past midnight so not really day 1, but I did start working on it yesterday.

So I am going to try and walk through configuring some servers and some hypervisors and other fun stuff and take note of CentOS 8 quirks, new features, whatever.

Anyway, first thing is first:

Installation

I didn’t go through everything in the installer, just the parts that I typically change. In this case, the host will be an IPA domain controller, and I am installing from a minimal ISO. Other than network, storage and user, there’s nothing else that I will do at this point.

Network

I don’t do much fancy stuff to the network during install. I turned on the first interface which I had already registered in DHCP/DNS. It appears to pick up its short hostname, dc1, although this is not reflected in the Host Name field. I don’t remember if this is normal…

Time

By default we only have one entry here pointing to the CentOS NTP pool where I believe we used to have 4 entries for individual pool members. When I added my NTP server below, I wasn’t able to remove the default entry. I ended up making a redundant entries for my NTP server, exiting the config and then when I came back it had consolidated. Not a big deal, but a slightly annoying UX there.

Storage

I adhere to a modified version of the DISA STIG partitioning scheme. In this case, I have 3 256GB SSDs in RAID1. I allocate about 70GB of that and keep the rest open for snapshots. I’ll add /tmp as a tmpfs partition later.

The BTRFS technology preview from 7 is gone of course (RIP). Surprisingly to me, XFS is still default despite Fedora using EXT4 for some time now. I changed all partitions to EXT4 to keep things consistent with other distros.

Also, I believe the default volume group name has changed. It is cl with the hostname after it (if it has one), in my case it’s cl_dc1. In an earlier failed attempt where network was down, it was just cl.

User

No changes here, except that the UI is centered. Kind of surprising, the default UID is still 1000, despite Red Hat recommending that you set it to 5000 since at least RHEL 6.

I did get this error soon after selecting admin for my user, so hopefully I don’t end up with no sudo and no root password.

Anyway, installation is complete, so time to start initial config.

Initial Config

Well, it’s already a little weird. Looks like it thought it was localhost and then decided it should be dc1, maybe after network came up.

Ah, good I have sudo. No idea what that error was about.

And sshd is installed and running already, so I can abandon this infernal IPMI window with no copy/paste.

Let’s prep the system for snapshots.

# add GRUB to all disks in the mirror
cat /proc/mdstat #see what disks are mirrored
sudo grub2-install /dev/sda
sudo grub2-install /dev/sdb
sudo grub2-install /dev/sdc

# set up /tmp
sudo cp /etc/fstab /etc/fstab.default~
sudo printf "tmpfs\t\t/tmp\t\ttmpfs\t\trw,nosuid,size=8G\t\t0 0" >> /etc/fstab #got a permissions error on this for some reason... vi worked
sudo mount -a

# lvm stuff for snapshotting
sudo cp /etc/lvm/lvm.conf /etc/lvm/.lvm.conf.default~
sudo sed -i 's/snapshot_autoextend_threshold[[:space:]]=[[:space:]]100/snapshot_autoextend_threshold = 50/g' /etc/lvm/lvm.conf
sudo sed -i 's/thin_pool_autoextend_threshold[[:space:]]=[[:space:]]100/thin_pool_autoextend_threshold = 50/g' /etc/lvm/lvm.conf

# os partitions
sudo lvchange --addtag "local" --addtag "os" --addtag "root" cl_dc1/root
sudo lvchange --addtag "local" --addtag "os" --addtag "var" cl_dc1/var

# log partitions
sudo lvchange --addtag "local" --addtag "log" --addtag "var_log" cl_dc1/var_log
sudo lvchange --addtag "local" --addtag "log" --addtag "var_log_audit" cl_dc1/var_log_audit

# user storage
sudo lvchange --addtag "local" --addtag "user" --addtag "home" ccl_dc1/home

# swap
sudo lvchange --addtag "local" --addtag "swap" cl_dc1/swap

# need yum-utils for preserving kernel with OS snapshot
sudo yum check-update
sudo yum -y install yum-utils

# take initial snapshot of root and var
TIMESTAMP="$(date +"%Y-%m-%d-%H-%M-%S")"
KERNEL="$(uname -r)"
sudo lvcreate --snapshot --extents 50%ORIGIN --addtag "root" --addtag "${TIMESTAMP}" --name "root_${TIMESTAMP}" cl_dc1/root
sudo lvcreate --snapshot --extents 50%ORIGIN --addtag "var" --addtag "${TIMESTAMP}" --name "var_${TIMESTAMP}" cl_dc1/var
sudo lvchange --addtag "local" --addtag "os" --addtag "${KERNEL}" "@${TIMESTAMP}"

# preserve current kernel
sudo yumdb set installonly keep kernel-"${KERNEL}"

And I got this far when I realized something was very wrong…

[vortex@dc1 ~]$ uname -r
3.10.0-862.el7.x86_64
[vortex@dc1 ~]$ cat /etc/issue
\S
Kernel \r on an \m

[vortex@dc1 ~]$ cat /etc/os-release
NAME="CentOS Linux"
VERSION="7 (Core)"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="7"
PRETTY_NAME="CentOS Linux 7 (Core)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:7"
HOME_URL="https://www.centos.org/"
BUG_REPORT_URL="https://bugs.centos.org/"

CENTOS_MANTISBT_PROJECT="CentOS-7"
CENTOS_MANTISBT_PROJECT_VERSION="7"
REDHAT_SUPPORT_PRODUCT="centos"
REDHAT_SUPPORT_PRODUCT_VERSION="7"

So… the minimal CentOS 8 ISO which I downloaded from the Columbia University mirror and confirmed the checksum against CentOS wiki page has apparently installed CentOS 7…

BRB?

Trooper_ish · September 25, 2019, 7:59am

That twist at the end… didn’t see that coming!

oO.o · September 25, 2019, 8:09am

Trying the DVD image now, but I gotta go to sleep soon. What a bunch of fuckery.

DVD image worked, but I forgot to choose the packages so now I have a GUI and a bunch of other stuff I don’t want.

I’ll be back tomorrow.

BGL · September 25, 2019, 10:11am

You need to change the thread title, this is just click-bait

Even747 · September 25, 2019, 10:38am

I was wondering why that screen cap under “initial config” shows CentOS Linux 7 and kernel version is 3.10.

“That’s quite old kernel for new version of the OS”

oO.o · September 25, 2019, 2:21pm

I am going to finish it, but sure, point taken.

Title changed.

nx2l · September 25, 2019, 2:36pm

you think it is still centos 7 ?

oO.o · September 25, 2019, 3:09pm

The installer said 8, but when it finished and I rebooted, it was CentOS 7. It was installed to a 3-way mirror on the only 3 hard drives installed on that system, so it wasn’t like there was an old OS somewhere.

When I installed from the DVD ISO, the installer was exactly the same, but I didn’t get the error while configuring the user and I got the EULA after reboot, which I believe has been in the last couple versions of 7 (or is it only when you install GUI).

In any case, pretty much all of my OP is accurate, I just need to reinstall the OS again and make sure my initial config commands work. Then I can resume this project.

nx2l · September 25, 2019, 3:56pm

after the install it was indeed CentOS 8… but I found out so far that it authconfig was replaced… so setting up kerberos auth… is not one step anymore…

oO.o · September 25, 2019, 4:01pm

Did you install from minimal ISO?

nx2l · September 25, 2019, 4:03pm

I used the edu link that it showed for me at:
http://isoredirect.centos.org/centos/8/isos/x86_64/CentOS-8-x86_64-1905-dvd1.iso

oO.o · September 25, 2019, 4:12pm

Yeah, dvd installer did work for me. This is the exact one I used initially:

http://mirror.cc.columbia.edu/pub/linux/centos/8.0.1905/isos/x86_64/CentOS-8-x86_64-1905-boot.iso

Now when I try to minimal boot iso, I get this:

So my guess is that it was pointing to a repo with CentOS 7 packages and now someone has noticed and taken it down.

Based on how it worked in 7, I believe it should point to mirror.centos.org/centos/8/x86_64, but the x86_64 directory doesn’t exist.

Anyway, I’m sure they’ll fix it soon, although as we’ve learned, “soon” for CentOS can mean several months… So word of warning, use the dvd ISO and not the minimal boot one for now.

For reference, this is what the Installation Source screen looks like on the dvd iso:

Dynamic_Gravity · September 25, 2019, 5:24pm

Wouldn’t it be possible to just upgrade from a centos7 install to centos8?

Goalkeeper · September 25, 2019, 5:35pm

I see the image says appstream.

Is what’s under appstream also under the x86 directory?

http://mirror.centos.org/centos/8/AppStream/x86_64/os/Packages/

Is populated

Goalkeeper · September 25, 2019, 5:39pm

Someone made a bug report

https://bugs.centos.org/view.php?id=16456

oO.o · September 25, 2019, 5:50pm

I actually do have a CentOS 7 USB installer connected to that machine. I wonder if it couldn’t find the mirror but saw the local repo there and just decided to use it.

I hope that’s not the case. Scraping local media for any repo it can find seems… not ideal.

BGL · September 25, 2019, 5:51pm

I was only joking, but the new title works well

AnotherDev · September 25, 2019, 6:26pm

A tall task of massive proportion.

oO.o · September 25, 2019, 6:52pm

Sure, but not for the purposes of this thread.

oO.o · September 25, 2019, 9:25pm

So, I pxe booted it via netboot.xyz and these appear to be the correct source fields:

Seems like the ../../../ shouldn’t be necessary, but who knows what stupidity might be afoot.

I’m doing 4 servers at once and noticing some weird inconsistencies. The hostname is sometimes picked up from local DNS and sometimes not, and is sometimes short and is sometimes fqdn. Also, on one server, it picked up my NTP server (from DHCP I assume), and appears to have done a reverse lookup on it as well because DHCP is only advertising its IP.