Preparing Linux Template VMs

Lien : https://lonesysadmin.net/2013/03/26/preparing-linux-template-vms/

Repositories (Red Hat)

Disable proxy

subscription-manager config --remove=server.proxy_hostname
subscription-manager config --remove=server.proxy_port
sed -i '/^proxy=/d'  /etc/yum.conf

Update

subscription-manager register
subscription-manager attach --pool=8a85f9814f83fbf2014f8529d52770cd

subscription-manager unregister
subscription-manager clean

Paquets à installer

yum install open-vm-tools open-vm-tools-deploypkg net-tools perl

Stop logging services

Centos 6.x / Red Hat 6.x

/sbin/service rsyslog stop
/sbin/service auditd stop

Centos 7.x

/bin/systemctl stop  rsyslog.service
/sbin/service auditd stop
/bin/systemctl stop  tuned.service

Ubuntu 14.04

/etc/init.d/rsyslog stop
/etc/init.d/atd stop
/etc/init.d/acpid stop

Ubuntu 16.04

/etc/init.d/rsyslog stop
/etc/init.d/atd stop
/etc/init.d/acpid stop

Removing old kernels : CentOS 6.x and 7.x

yum -y install yum-utils
package-cleanup --oldkernels --count=2
package-cleanup --orphans
package-cleanup --problems
package-cleanup --leaves

Clean yum : CentOS 6.x and 7.x

yum clean all

Clean apt cache : Ubuntu 14.04

apt-get autoclean
apt-get clean
apt-get autoremove

Logrotate && logs

logrotate -f /etc/logrotate.conf
cd /var/log/
rm -f *-2* *gz *old
rm -f apt/*
rm -f anaconda* anaconda/*
rm -f audit/audit.log audit/*
rm -f tuned/*
rm -f tallylog
rm -f rhsm/rhsmcertd.log-*
rm -f rhsm/rhsm.log-*
rm -f sa/*
rm -f *.{1,2}
rm -f upstart/*gz
rm -f lynis*
rm -f vmware-tools-upgrader.log vmware-imc/toolsDeployPkg.log
find . -type f  | while read f; do > $f; done
find . -type f -ls

Optimisations Netapp

CentOS & Red Hat

• Lien à consulter : https://kb.netapp.com/support/index?page=content&id=3013622

grep timeout /etc/udev/rules.d/99-vmware-scsi-udev.rules

Ubuntu 14.04

cd /lib/udev/rules.d
grep timeout *

# Output :
# 40-open-vm-tools.rules:# Modify the timeout value for VMware SCSI devices so that
# 40-open-vm-tools.rules:ACTION=="add", SUBSYSTEMS=="scsi", ATTRS{vendor}=="VMware  " , ATTRS{model}=="Virtual disk    ",   RUN+="/bin/sh -c 'echo 180 >/sys$DEVPATH/device/timeout'"

Ubuntu 16.04

cd /lib/udev/rules.d
grep timeout *

# Output :
50-firmware.rules:# failed; necessary to avoid long timeouts with CONFIG_FW_LOADER_USER_HELPER=y
56-lvm.rules:OPTIONS+="event_timeout=180"
60-open-vm-tools.rules:# Modify the timeout value for VMware SCSI devices so that
60-open-vm-tools.rules:ACTION=="add|change", SUBSYSTEMS=="scsi", ATTRS{vendor}=="VMware  " , ATTRS{model}=="Virtual disk    ",   RUN+="/bin/sh -c 'echo 180 >/sys$DEVPATH/device/timeout'"

Network

CentOS 6.x & Red Hat 6.x

rm -f /etc/sysconfig/network-scripts/ifcfg-*eth*
echo "clean /etc/udev/rules.d/70-persistent-net.rules"
rm -f /etc/udev/rules.d/70*

CentOS 7.x

rm -f /etc/sysconfig/network-scripts/ifcfg-*en*
echo "clean /etc/udev/rules.d/70-persistent-net.rules"

Désactiver iptables

CentOS 6.x & Red Hat 6.x

chkconfig iptables off
chkconfig ip6tables off

CentOS 7.x

systemctl stop firewalld.service
systemctl disable firewalld.service

Clean /tmp out

rm -fr /tmp/*
rm -fr /var/tmp/*

Remove the SSH host keys

rm -f /etc/ssh/*key*

# Sur Ubuntu : ssh-keygen -A

Remove the root user’s SSH history & other cruft

cd ~root
rm -fr .Xauthority .viminfo tina.txt .pki install.log.syslog install.log anaconda-ks.cfg .InstallAnywhere/ .ssh
cd /home
rm -f */{.bash_history}

Remove the root user's shell history

rm -f ~root/.bash_history
unset HISTFILE
history -c