This is mostly a transcription of the process from the CentOS/RHEL ZoL installation manual.

Install the repo file

Add the ZFSonLinux repo and verify the fingerprint.

Note — manual fingerprint verification is atypical but we'll do it anyway just for kicks.

install certbot

  sudo yum install epel-release
  sudo yum update
  sudo yum install certbot

install nginx

  sudo yum install nginx
  sudo systemctl start nginx

config firewall

if firewall exist on centos do :

Installing mailx

yum -y update

yum install -y mailx

We can now start sending e-mails using

create a symbolic link

ln -s /bin/mailx /bin/mail

Set an External SMTP Server to Relay E-Mails

vi /etc/mail.rc

edit

Ubuntu

I. Install JDK

yum install java-1.7.0-openjdk

II. Install & Configure ElasticSearch

Add repository

rpm --import http://packages.elasticsearch.org/GPG-KEY-elasticsearch
cat > /etc/yum.repos.d/elasticsearch.repo <<EOF
[elasticsearch-1.3]
name=Elasticsearch repository for 1.3.x packages
baseurl=http://packages.elasticsearch.org/elasticsearch/1.3/centos
gpgcheck=1
gpgkey=http://packages.elasticsearch.org/GPG-KEY-elasticsearch
enabled=1
EOF

Install ElasticSearch

Installing Kerberos on Redhat 7

This installation is going to require 2 servers one acts as kerberos KDC server and the other machine is going to be client. Lets assume the FQDN's are (here cw.com is the domain name, make a note of the domain name here): * Kerberos KDC Server: kdc.cw.com * Kerberos Client: kclient.cw.com

Create needed directories

cd /etc/httpd
mkdir /etc/httpd/sites-available
mkdir /etc/httpd/sites-enabled

Append

IncludeOptional sites-enabled/*.conf

To vim /etc/httpd/conf/httpd.conf

Create vhost

/etc/httpd/sites-available/example.com.conf

<VirtualHost *:80>
    ServerName example.com
    ServerAlias www.example.com
    DocumentRoot /var/www/html
    ErrorLog /var/log/apache/example.com/error.log
</VirtualHost>

Enable vhost

Update and install the Let's Encrypt client

Install

sudo apt-get update
sudo apt-get install letsencrypt python-letsencrypt-apache

Invoke letsencrypt

sudo letsencrypt --apache -d <DOMAIN HERE>

Automate the renewal process

sudo letsencrypt renew renews all the domains on the server secured with Let's Encrypt as long as there are less than 30 days remaining until the certificate expires. We can automate the renewal process via cron.

Editing crontab:

There are two modes when you don't want Certbot to edit your configuration: - Standalone: replaces the webserver to respond to ACME challenges - Webroot: needs your webserver to serve challenges from a known folder.

Webroot is better because it doesn't need to replace Nginx (to bind to port 80) to renew certificates.

Master: Install dependencies

apt update && apt upgrade -y
curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -

cat <<EOF > /etc/apt/sources.list.d/kubernetes.list
deb http://apt.kubernetes.io/ kubernetes-xenial main
EOF

apt-get update
apt install linux-image-extra-virtual ca-certificates curl software-properties-common -y

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

add-apt-repository    "deb [arch=amd64] https://download.docker.com/linux/ubuntu \
  $(lsb_release -cs) \
stable"

apt update