Monday, September 30, 2013

Installing Perl and the VMXNET3 driver retrospectively on a minimalist vSphere CentOS 6 virtual machine

When installing a minimal CentOS 6.4 VM on vSphere 5.1 or later, Perl is not automatically installed. This means you can't install VMware tools and thus the VMXNET3 driver to enable networking. You could change the initial setup of your VM (eg. add the Perl packages during the install of CentOS or install an E1000 adapter in addition to the VMXNet3 adapter) but you might be in the situation that requires a nice clean install. The steps below allow you to retrospectively install Perl and VMware tools.


  1. The VM was created with a single VMXNET3 adapter
  2. An x64 instance of CentOS 6.4 was installed using the "Minimal" default installation of CentOS
  3. The CentOS 6.4 ISO is still connected to the VM
  4. You can login as root via the Virtual Machine Console in the vSphere Client
  5. You have a DHCP server on your network

Step 1: Mount the CentOS 6.4 ISO

Ensure the ISO is connected to the VM. Then at the root prompt type:

mount /dev/cdrom /mnt
cd /mnt/Packages

Step 2: Install the necessary Perl packages

Now type using tab command completion (line is wrapped for readability):

yum --disablerepo=* localinstall 

6 packages should be installed.

Step 3: Unmount the ISO

Now type at the command prompt:

umount /mnt

Step 4: Install VMware Tools

In the Virtual Machine Console go to the VM menu and choose Guest -> Install/Upgrade VMware Tools. Then at the command prompt:

mount /dev/cdrom /mnt
cd /tmp
tar xvzf /mnt/VMwareTools-9.0.5-1137270.tar.gz
cd vmware-tools-distrib
umount /mnt

Follow the prompts to install VMware Tools. The defaults usually suffice. Remember this only installs VMware tools for the currently running kernel. If you do a yum update you will need to reinstall VMware Tools. Additionally note that the exact VMwareTools tgz will depend on the version of the ESXi hypervisor you are running so you might have to adjust the file name to suite.

Step 5: Check the VMXNET3 driver is loaded

At the command prompt:

lsmod | grep vmxnet

You should see the following similar output - this means the driver is loaded and is unused.

vmxnet3        42862   0

Step 6: Edit the network settings

Now edit the network settings:

vi /etc/sysconfig/network-scripts/ifcfg-eth0

Change your network settings as you see fit but minimally change the following line in ifcfg-eth0 in order to get a DHCP lease:


Step 7: Restart the network and get a lease

At the command prompt type:

service network restart

The network will restart and you should have an IP address assigned via DHCP. Type:

eth0      Link encap:Ethernet  HWaddr 00:50:56:87:51:A9
          inet addr:  Bcast:  Mask:
          inet6 addr: fe80::250:56ff:fe87:51a9/64 Scope:Link
          RX packets:338 errors:0 dropped:0 overruns:0 frame:0
          TX packets:58 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:40438 (39.4 KiB)  TX bytes:7155 (6.9 KiB)

That's it! All done.

Addendum from Tristan at Aptira:

A simpler way as the VMXNET3 driver is included with CentOS minimal for all 6.x versions.

  1. Install OS
  2. vi ifcfg-eth0 and set ONBOOT=yes
  3. Reboot and the network should come up.
  4. yum -y wget
  5. Grab the latest VMware repo from here For example wget
  6. rpm -ivh vmware-tools-repo-RHEL6-9.4.5-1.el6.x86_64.rpm
  7. yum install -y vmware-tools-esx-nox
  8. Profit!



Saturday, July 27, 2013

Passwordless root SSH Public Key Authentication on CentOS 6

It's often useful to be able to SSH to other machines without being prompted for a password. Additionally, if you using tools such as Parallel SSH you will need to setup Public Key SSH Authentication. To set it up is relatively straight forward:

On the client machine (ie. the one you are SSH'ing from) you will need to create an SSH RSA key. So run the following command - ensure you don't supply a password:

[[email protected] ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/
The key fingerprint is:
c6:66:93:16:73:0b:bf:46:46:28:7d:a5:38:a3:4d:6d [email protected]
The key's randomart image is:
+--[ RSA 2048]----+
|            .    |
|       . + o     |
|      . @ E      |
|       * & .     |
|      . S =      |
|       = + .     |
|          o      |
|         .       |
|                 |

This will generate the following files:

[[email protected] ~]# cd ~/.ssh
[[email protected] .ssh]# ls -l
total 8
-rw-------. 1 root root 1675 Jul 27 15:01 id_rsa
-rw-r--r--. 1 root root  406 Jul 27 15:01

On the client machine tighten up file system permissions thus:

[[email protected] ~]# chmod 700 ~/.ssh
[[email protected] ~]# chmod 600 ~/.ssh/*
[[email protected] ~]# ls -ld ~/.ssh & ls -l ~/.ssh
drwx------. 2 root root 4096 Jul 27 15:01 /root/.ssh
-rw-------. 1 root root 1675 Jul 27 15:01 id_rsa
-rw-------. 1 root root  406 Jul 27 15:01

Now copy the public key to the machine you want to SSH and fix permissions (you will be prompted for the root password):

[[email protected] ~]# ssh [email protected] 'mkdir -p /root/.ssh'
[[email protected] ~]# scp /root/.ssh/ [email protected]:/root/.ssh/authorized_keys
[[email protected] ~]# ssh [email protected] 'chmod  700 /root/.ssh'
[[email protected] ~]# ssh [email protected] 'chmod  600 /root/.ssh/*'

You can also use the utility ssh-copy-id to do the above steps. If you don't have scp on the remote machine you will need to install it:

[[email protected] ~]# ssh [email protected] 'yum install openssh-clients'

You should now be able to ssh directory from node01 to node02 without providing a password:

[[email protected] ~]# ssh node02
Last login: Wed Jul 27 15:41:56 2011 from
[[email protected] ~]#

IMPORTANT There is a bug in CentOS 6 / SELinux that results in all client presented certificates to be ignored when SELinux is set to Enforcing. To fix this simply:

[[email protected] ~]# ssh [email protected] 'restorecon -R -v /root/.ssh'
restorecon reset /root/.ssh context system_u:object_r:ssh_home_t:s0->system_u:object_r:home_ssh_t:s0
restorecon reset /root/.ssh/authorized_keys context unconfined_u:object_r:ssh_home_t:s0->system_u:object_r:home_ssh_t:s0
Saturday, June 01, 2013

Setting up DHCP on an Enslaved VLAN Bridge on CentOS Linux

I had to setup a single interface on a server, with dual DHCP IP addresses that were obtained on the native untagged interface along with a tagged interface enslaved to VLAN bridge in order to rollout Enomaly SpotCloud. Thus the primary interface obtains its IP address via DHCP along with the bridged interface on a VLAN. To set this up :

1. cd /etc/sysconfig/network-scripts

2. vi ifcfg-eth0 so it looks like (change your MAC address accordingly):


3. Then create your VLAN interface configuration. So vi ifcfg-eth0.1051:


4. Then create your bridge interface configuration: So vi ifcfg-virbr0:


Note that TYPE must be Bridge with a capital B - otherwise it won't work. And there you have it - when the box boots it gets a DHCP lease on eth0 and on virbr0 which is on VLAN 1051.

Friday, May 10, 2013

Configuring iSCSI on CentOS 5.6

I recently had to load CentOS 5.6 on several HP BL2x220C blade servers to run Enomaly SpotCloud. One of the requirements was to provision disk for KVM virtual machine storage. This could be local disk or optionally iSCSI disk. The following describes the steps I went through to configure iSCSI successfully.

1. You will need to configure your storage system. I was using a HDS HNAS Mercury cluster. The configuration of the HNAS is probably beyond the scope of this post but in essence you need to create a File System of your required size. Then assign that File System to an EVS (Hitachi terminology for a virtual storage system) with an assigned cluster node and IP address on the storage VLAN. You then need to create iSCSI Logical Units within the File System. One LUN will be required for each host. Lastly create iSCSI targets within the EVS iSCSI domain with access configuration only permitted from the host that will use it along with the LUN ID and LUN name. You will end up with is a series of Globally Unique Names that are of a finite size (eg. 500GB)  that are only accessible from a single host:

2. Back to the CentOS side of things - make sure your interfaces are configured correctly and you can ping the storage system. I have two Virtual Connect modules in the HP C7000 enclosure - hence two interface were available. Static IPs were used on the storage network. I edited:


3. Make sure the iSCSI daemons are installed. You can do this via yum or from the original source media. Via yum:

yum install iscsi

Via virtual media:

mount /dev/cdrom /mnt
cd /mnt/CentOS
rpm -ivh iscsi*
cd /
umount /mnt

Don't forget to eject the virtual media.

4. Make sure iSCSI starts on boot and start the daemon:

chkconfig iscsi on
service iscsi start

5. Discover your iSCSI targets:

iscsiadm -m discovery -t sendtargets -p

The IP address is that of the storage system.

6. Delete any unnecessary iSCSI nodes:

service iscsi stop
iscsiadm -m node <nodename> -o delete
service iscsi start

The <nodename> is the UIN mentioned earlier. Sometimes you will always discover multiple nodes - so you need to configure the storage system to filter available LUNs by client source IP address.

7. Work out which device is the iSCSI node:

fdisk -l

8. Create a partition then format it:

fdisk /dev/sdb
mkfs.ext4 /dev/sdb1

9. Label the device:

e2label /dev/sdb1 /sc-node01

10. Configure the mount in /etc/fstab (note the _netdev mount option to ensure the iSCSI LUN is mounted after networking has been brought up):

LABEL=/sc-node01 /var/lib/xen/images ext3 defaults,_netdev,noatime 0 0

And that's it - you are in business. Lastly, if you are interested here is the Virtual Connect configuration used to configure the blades. This configures blade 1A and 1B interfaces 1 and 2. Interface 1 is assigned untagged VLAN of 1050 (eth0) and tagged VLAN 1051 (eth0.1051). Interface 2 is assigned untagged VLAN 1052 (eth1) - which is the storage network.

add profile D4-C2-B01 -NoDefaultEnetConn -NoDefaultFcConn -NoDefaultFcoeConn
add enet-connection D4-C2-B01
add enet-connection D4-C2-B01
add server-port-map D4-C2-B01:1 SC-Management VlanID=1050 Untagged=True
add server-port-map D4-C2-B01:1 SC-VM VlanID=1051
add server-port-map D4-C2-B01:2 SC-iSCSI VlanID=1052 Untagged=True
assign profile D4-C2-B01 enc0:1A

add profile D4-C2-B02 -NoDefaultEnetConn -NoDefaultFcConn -NoDefaultFcoeConn
add enet-connection D4-C2-B02
add enet-connection D4-C2-B02
add server-port-map D4-C2-B02:1 SC-Management VlanID=1050 Untagged=True
add server-port-map D4-C2-B02:1 SC-VM VlanID=1051
add server-port-map D4-C2-B02:2 SC-iSCSI VlanID=1052 Untagged=True
assign profile D4-C2-B02 enc0:1B

Recent Posts



    Sign up for Product Updates and Discounts
    Captcha Image