#RHEL

62 posts

RHEL in Practice #5: Automating RHEL with Ansible — Bridging to the RHCE Track
8 min read

RHEL in Practice #5: Automating RHEL with Ansible — Bridging to the RHCE Track

The fifth post in the RHEL in Practice track. We take the hand-driven work from #1〜#4 — nginx, PostgreSQL, Podman, and monitoring — and tie it back together with Ansible, organizing the big picture of reproducing the same result from a single set of code. We cover ansible-core installation, a minimal inventory and ansible.cfg, the idempotency concept, examples of moving hand work into a playbook, and the path to abstraction with rhel-system-roles — leaving the deep syntax to the RHCE track.

RHEL in Practice #4 Monitoring: Cockpit, PCP
11 min read

RHEL in Practice #4 Monitoring: Cockpit, PCP

The fourth post in the RHEL in Practice track. Once you have web, DB, and containers running, it is time to look at what is actually happening on top of them. This post walks through one full cycle: standing up the Cockpit web console for browser-based server management and Performance Co-Pilot (PCP) for collecting and recording performance metrics on RHEL, then wiring the two together to view performance graphs. It also covers when to reach for the basic commands like top, ss, journalctl, and sar.

RHEL in Practice #3: Container Workloads — Podman, systemd (quadlet)
9 min read

RHEL in Practice #3: Container Workloads — Podman, systemd (quadlet)

The third post in the RHEL in Practice track. Putting the web and DB we stood up by hand in #1 and #2 back up as containers, we organize the operational flow of Podman, RHEL's standard container engine. Image pull and run, volumes and port mapping, rootless containers, and integrating containers as systemd services with quadlet for automatic startup at boot — all in one cycle.

RHEL in Practice #2: Database Operations — PostgreSQL on RHEL
9 min read

RHEL in Practice #2: Database Operations — PostgreSQL on RHEL

The second post in the RHEL in Practice track. Having stood up the web tier, we move to the data tier behind it: installing and initializing PostgreSQL via RHEL's AppStream modules. We cover the data directory and SELinux context, postgresql.conf / pg_hba.conf settings and the firewalld opening for remote access, and everything from creating users and databases to backup, recovery, and diagnosis when you get stuck — all from a real operations perspective.

RHEL in Practice #1: Running a Web Server — nginx, systemd, SELinux Policy
5 min read

RHEL in Practice #1: Running a Web Server — nginx, systemd, SELinux Policy

The first post in the RHEL in Practice track. It brings together the systemd, SELinux, and firewalld knowledge from the basics, intermediate, and advanced series, and walks one full cycle of standing up an nginx web server properly on RHEL. Package install and service registration, SELinux context and port labels, opening firewalld, plus the spots where non-standard ports and document roots most often trip people up — all covered from a real operations angle.

RHEL Advanced #7: Cockpit for GUI Management and Web Console — Series Wrap
9 min read

RHEL Advanced #7: Cockpit for GUI Management and Web Console — Series Wrap

The RHEL Advanced series so far has been all CLI, but Cockpit is the standard tool that adds a lightweight web GUI on top. The web console covers systemd, services, users, networking, storage, Podman, kdump, and SELinux on one screen, lets you manage multiple machines from a dashboard, integrates sosreport and diagnostic tools, and handles the kinds of work better done in Cockpit than by SSHing in to edit with vi — as we wrap the series.

RHEL Advanced #6: Subscription, Satellite, Insights — Operations Infrastructure
9 min read

RHEL Advanced #6: Subscription, Satellite, Insights — Operations Infrastructure

Three Red Hat operations tools you meet not when running one machine, but when running tens or hundreds. subscription-manager ties a machine to a Red Hat subscription, Satellite is the on-prem unified ops platform for lifecycle, content views, and patch automation, and Insights is the SaaS analytics service for vulnerability, stability, and performance recommendations — all in one cycle.

RHEL Advanced #5: Security Hardening — auditd, OpenSCAP, FIPS
10 min read

RHEL Advanced #5: Security Hardening — auditd, OpenSCAP, FIPS

The three pillars of operational security stacked on top of SELinux. auditd for recording every change to the system with ausearch/aureport, OpenSCAP for automated checking and remediation against CIS, STIG, PCI-DSS, and FIPS mode required by government and financial certifications — all in one cycle.

RHEL Advanced #4: SELinux Advanced — Writing Policy and audit2allow
10 min read

RHEL Advanced #4: SELinux Advanced — Writing Policy and audit2allow

Going one level higher than the intermediate post: the structure of .te/.fc/.if policy files, the flow and limits of generating modules with audit2allow, the procedure to compile and install with checkmodule / semodule_package / semodule by hand, plus booleans and interfaces — all in one cycle. The goal is to follow an AVC denial all the way through to a permanent policy module.

RHEL Advanced #3: Performance Analysis — sar, top/htop, iostat, vmstat, perf
11 min read

RHEL Advanced #3: Performance Analysis — sar, top/htop, iostat, vmstat, perf

Where to look first when a RHEL machine becomes slow. Get the first picture with top/htop, see CPU/memory/IO at once with vmstat, drill into disks with iostat, follow time with sar, and find CPU hotspots with perf — all framed by the USE (Utilization, Saturation, Errors) methodology in one cycle.

RHEL Advanced #2: Kernel Tuning — sysctl, tuned, kdump
11 min read

RHEL Advanced #2: Kernel Tuning — sysctl, tuned, kdump

How to use sysctl to adjust kernel behavior at runtime, separating permanent settings into /etc/sysctl.d/, swapping workload profiles in one line with tuned, and capturing memory dumps at the moment of a kernel panic with kdump and analyzing them with crash — all in one cycle. Common keys like vm.swappiness and net.core.somaxconn, and the differences between tuned profiles, are covered together.

RHEL Advanced #1: Boot Process — GRUB2, dracut, Recovery Mode
12 min read

RHEL Advanced #1: Boot Process — GRUB2, dracut, Recovery Mode

Step-by-step organization of the entire flow from a RHEL machine being powered on to the login prompt appearing. UEFI/BIOS, GRUB2 configuration with grub2-mkconfig, initramfs and dracut regeneration, systemd targets and default.target, rescue/emergency mode, and the procedure to recover the root password by editing GRUB — all covered in one cycle.