[LINUX] Build CentOS 8 on ESXi 6.7 with minimal configuration

Introduction

I tried to install CentOS 8 on ESXi with the minimum configuration. Only very basic settings are made.

Target device and environment, etc.

Verification environment

Network information

item value
Server FQDN vmnetserv01.prosper2.net
Server address 10.254.10.251

Work content

Media preparation

The ISO is dropped from a domestic mirror. It's easier to log in to ESXi with SSH and get it with wget.

$ ssh root@esxi
So log in

# cd /vmfs/..../images (move to location to save ISO)
# wget http://ftp.iij.ad.jp/pub/linux/centos/8/isos/x86_64/CentOS-8.1.1911-x86_64-boot.iso

VM creation on ESXi

Create an empty VM.

There is "CentOS 8" in the guest OS version, so select it Screenshot from Gyazo

Select the ISO file you downloaded earlier Screenshot from Gyazo

Installation of CentOS 8

Once powered on, you need an option to match the resolution. Press the ʻUp key on the startup screen to select "Install CentOS Linux 8". Press the ʻe key to switch to the option input screen. Screenshot from Gyazo

On this screen, insert resolution = 1024x768 and type Ctrl-x to launch the installer. Screenshot from Gyazo

Follow the installer. After selecting the language, this screen will appear. Screenshot from Gyazo

Complete the network settings. Screenshot from Gyazo

Software is minimal and sufficient Screenshot from Gyazo

After selecting the installation destination, you will be able to press the "Install" button, so click it. Screenshot from Gyazo

Create a root password and user while the download and installation are in progress. When creating a user, it will be easier later if you check "Make this user an administrator". Screenshot from Gyazo

CentOS 8 settings

You can log in with ssh in the initial state, so log in as the created user. I'm tired of sudo every time, so I end up doing sudo su -.

SSH settings

Disable root login and fix port

# vi /etc/ssh/sshd_config
-----8<-----snip-----8<-----
#Port 22
Port XXXX

#PermitRootLogin yes
PermitRootLogin no
-----8<-----snip-----8<-----

# systemctl restart sshd

firewall settings

cockpit seems to be an application that can manage servers from the web, but since it is not used, close it. If you change the SSH port with the above settings, set the firewall accordingly. (In this example, it remains TCP22)

# firewall-cmd  --list-services
cockpit dhcpv6-client ssh

# firewall-cmd --remove-service  dhcpv6-client --zone=public --permanent
# firewall-cmd --remove-service cockpit  --zone=public --permanent
# firewall-cmd --reload

# firewall-cmd --list-service
ssh

SELinux disabled

I'm always sorry. .. ..

# vi /etc/selinux/config
-----8<-----snip-----8<-----
#SELINUX=enforcing
SELINUX=disabled
-----8<-----snip-----8<-----

So, restart once.

Put in frequently used packages

It seems that package management has become something called dnf. The main body looks like a dnf-3.

$ ll /usr/bin/yum
lrwxrwxrwx.1 root root 5 December 19 10:43 /usr/bin/yum -> dnf-3
$ ll /usr/bin/dnf
lrwxrwxrwx.1 root root 5 December 19 10:43 /usr/bin/dnf -> dnf-3

Let's update unconditionally at first.

$ sudo dnf -y install epel-release
$ sudo dnf -y update
$ sudo dnf -y install screen vim lftp wget open-vm-tools mlocate tcpdump unzip bind-utils telnet

Time setting

Check the time zone

$ date
Friday, February 7, 2020 21:59:21 EST
(Where is EST, that)

$ sudo timedatectl set-timezone Asia/Tokyo
$ date
Tuesday, February 4, 2020 11:02:51 JST

It seems that the NTP settings have been made from the beginning.

$ chronyc sources
210 Number of sources = 4
MS Name/IP address         Stratum Poll Reach LastRx Last sample
===============================================================================
^* ec2-13-230-38-136.ap-nor>     2   6   377    57    -65us[ +200us] +/-   40ms
^+ 122x215x240x51.ap122.ftt>     2   6   377    58   -254us[+9893ns] +/-   48ms
^- mx.execve.net                 2   6   377    56  +1322us[+1322us] +/-  164ms
^+ hit-bridge.com                2   6   377    56   +152us[ +152us] +/-   47ms

I see, the load is distributed at the time of initial setting.

$ grep pool /etc/chrony.conf
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
pool 2.centos.pool.ntp.org iburst

$ dig 2.centos.pool.ntp.org +short
13.230.38.136
203.178.135.73
122.215.240.52
45.76.111.149

SNMP (added later)

Move SNMP so that it can be monitored remotely. The package can be net-snmp.

$ sudo dnf -y install net-snmp net-snmp-utils

You can add it to the original configuration file or rewrite it completely.

/etc/snmp/snmpd.conf


com2sec p2user  default rocomm
group   p2group v2c p2user
view    p2view    included   .1
access  p2group ""      any       noauth    exact     p2view none none

Make a hole in the port and start the service

# firewall-cmd --add-service=snmp --zone=public --permanent
# firewall-cmd --reload
# systemctl enable snmpd
# systemctl start snmpd

Make sure you can see it from another device.

$ snmpwalk -c rocomm -v 2c 10.254.10.251 sysdescr
SNMPv2-MIB::sysDescr.0 = STRING: Linux vmnetserv01.prosper2.net 4.18.0-147.5.1.el8_1.x86_64 #1 SMP Wed Feb 5 02:00:39 UTC 2020 x86_64

at the end

It is troublesome to upgrade the version of openssl on CentOS7, so I would like to switch to CentOS8 from now on!

Source

There is nothing in particular.

Recommended Posts

Build CentOS 8 on ESXi 6.7 with minimal configuration
Build a python environment with ansible on centos6
[CentOS 7.3] Build an FTP server on the ESXi host
Build a python3 environment on CentOS7
A memo with Python2.7 and Python3 on CentOS
Build Python environment with Anaconda on Mac
Install Mecab on Linux (CentOS) with brew
Build WordPress on CentOS 8 in LAMP environment
Build jupyter notebook on remote server (CentOS)
Deploy CentOS 6.10 x86_64 on VMware vSphere ESXi 5.5
Stray build Python-3.8.5 on CentOS without root privileges
Build python environment with pyenv on EC2 (ubuntu)
Boot CentOS 8 from Windows 10 with Wake On LAN
Run Flask on CentOS with python3.4, Gunicorn + Nginx.
Build CentOS8 LAMP
Easily build HPC on AWS with genuine AWS Cfn Cluster
Easy build of C ++ code with CMake on Docker
Install Faiss on CentOS 7
Install numba on CentOS 7.2
Static build ffmpeg (CentOS6)
Install Python3.4 on CentOS 6.6
Install mecab-python on CentOS
Build TensorFlow on Windows
Build XGBoost on Windows
Build python3.x with pyenv
build Python on Ubuntu
Installation on CentOS8 VirtualBox
Install Chainer on CentOS 6.7
OpneJDK8 build on CentOS7_x86_64
Torque setup on CentOS 6
Connect to centos6 on virtualbox with ssh connection from Mac
Build a python environment on CentOS 7.7 for your home server