CentOS-7 is now powered by version 3.10.0 of the Linux kernel, with advanced support for Linux Containers and XFS (is a high-performance 64-bit journaling file system) as the default file system. It’s also the first version of CentOS to include the systemd management engine, the firewalld dynamic firewall system, and the GRUB2 boot loader.
CentOS 7 supports 64 bit x86 machines. MySQL has been switched with MariaDB.

1. Systemd

• Systemd is a system and service manager for Linux Operating system.
• Systemd uses the command ‘systemctl’ to manage service instead of service, chkconfig, runlevel and power management commands in the CentOS 6.x
• Systemd is designed to be backwards compatible with SysV init script (using in centos 6.x)

Systemd units :

• Represented by unit configuration files in /etc/systemd/system
• Encapsulate information about system service, listening sockets,saved system state snapshots.

Systemd file locations:

Directory                               Description

/usr/lib/systemd/system/         Systemd file distributed with installed RPM package
/run/systemd/system/                Systemd unit file created at run time.
/etc/systemd/system/                 Systemd unit file created and managed by the system administrator

Comparison of the service utility with systemctl

service	systemctl	Description
service name start	systemctl start name.service	Starts a service.
service name stop	systemctl stop name.service	Stops a service.
service name restart	systemctl restart name.service	Restarts a service.
service namecondrestart	systemctl try-restart name.service	Restarts a service only if it is running.
service name reload	systemctl reload name.service	Reloads configuration.
service name status	systemctl status name.service systemctl is-active name.service	Checks if a service is running.
service –status-all	systemctl list-units –type service –all	Displays the status of all services.

Comparison of chkconfig utility with systemd

1) Listing services

#systemctl list-units –type service
#systemctl list-unit-files –type service

2) Displaying service status:

#systemctl  status httpd.service
#systemctl is-active httpd.service
#systemctl is-enable httpd.service

3) Starting a service

#systemctl start mysqld.service

4) Stopping a service

#systemctl  stop named.service

5) Restarting a service

#systemctl restart vsftpd.service
#systemctl try-restart named.service
#systemctl reload httpd.service

6) Enabling a service

#systemctl enable mysqld.service
#systemctl reenable httpd.service

7) Disabling a service

#systemctl disable vsftpd.service

8) Preventing service from being started manually or by another service

#systemctl mask vsftpd.service
#systemctl unmask vsftpd.service

Working with Systemd Targets

* Runlevels were numbered from 0 to 6 and were defined by a selection of system services to be run.
* In CentOS 7, the concept runlevels has been replaced with systemd targets.

Comparison of Power Management Commands with systemctl :

Old Command	New Command	Description
halt	systemctl halt	Halts the system.
poweroff	systemctl poweroff	Powers off the system.
reboot	systemctl reboot	Restarts the system.
pm-suspend	systemctl suspend	Suspends the system.
pm-hibernate	systemctl hibernate	Hibernates the system.
pm-suspend-hybrid	systemctl hybrid-sleep	Hibernates and suspends the system.

2. FIREWALLD SUITE

The dynamic firewall daemon firewallD provides a dynamically managed firewall with support for network “zones” to assign a level of trust to a network and its associated connections and interfaces. It has support for IPv4 and IPv6 firewall settings.

Comparison of firewalld to system-config-firewall and iptables :

The essential differences between firewalld and the iptables service are:

• The iptables service stores configuration in /etc/sysconfig/iptables, while firewalld stores it in various XML files in /usr/lib/firewalld/ and /etc/firewalld/.
• With the iptables service, every single change means flushing all the old rules and reading all the new rules from /etc/sysconfig/iptables while with firewalld there is no re-creating of all the rules; only the differences are applied. Consequently, firewalld can change the settings during runtime without existing connections being lost.

The zone settings in /etc/firewalld/ :

drop
Any incoming network packets are dropped, there is no reply. Only outgoing network connections are possible.

block
Any incoming network connections are rejected with an icmp-host-prohibited message for IPv4 and icmp6-adm-prohibited for IPv6. Only network connections initiated from within the system are possible.

public
For use in public areas. You do not trust the other computers on the network to not harm your computer. Only selected incoming connections are accepted.
external

trusted
All network connections are accepted.

internal
For use on internal networks. You mostly trust the other computers on the networks to not harm your computer. Only selected incoming connections are accepted.

home
For use in home areas. You mostly trust the other computers on networks to not harm your computer. Only selected incoming connections are accepted.

internal     
For use on internal networks. You mostly trust the other computers on the networks to not harm your computer. Only selected incoming connections are accepted.

It is possible to designate one of these zones to be the default zone. When interface connections are added to NetworkManager, they are assigned to the default zone. On installation, the default zone in firewalld is set to be the public zone.

You may refer our article at http://blog.supportpro.com/2015/01/an-introduction-to-firewalld-dynamic-firewall/ for more details on the configuration settings of Firewalld

Disabling firewalld

#systemctl disable firewalld
#systemctl stop firewalld

Start firewalld
#systemctl start firewalld

 3. Localectl Command

The system locale is set in the file /etc/locale.conf but the setting are limited to the sort order, display language, time format etc. Other important setting include the keyboard layout for consoles and the GUI if the X Server is running. The command localectl can display and control many of these setting.

 #localectl status  >> to display locale settings
 #localectl set-locale LANG=en_GB.utf8  >> to set the Language
 #localectl list-locales >> to lists locales
 #locale list-keymaps >> list keyboard mappings
 #locale set-keymap uk  >> sets the key map

4. Timedatectl Command

In CentOS7, A new command used to set date and time is “timedatectl“. this command is distributed as part of the systemd system and service manager. You can use this command to change the date and time, set the time zone, check the current date and time or others

To find list of all available time zones,
#timedatectl list-timezones

To set timezone
#timedatectl set-timezone time_zone
In this example, set timezone to America/Chicago
#timedatectl set-timezone America/Chicago

#timedatectl set-time YYYY-MM-DD >> To set date
timedatectl  set-time 2014-07-19

#timedatectl set-time HH:MM:SS >> To set time
timedatectl  set-time 15:12:00

#timedatectl set-ntp yes >> enable ntp server

5. Hostnamectl command

We can change host name by modifying the /etc/sysconfig/network in Centos and other Linux systems, but it did not take an effect of the modification. Even after multiple reboot of server.
The procedure to change the host name in CentOS 7 is now totally different from the previous versions.

In CentOS/RHEL 7, there is a command line utility called hostnamectl, which allows you to view or modify hostname related configurations.

#hostnamectl status

To view static, transient or pretty hostname only, use “–static”, “–transient” or “–pretty” option, respectively
#hostnamectl status [–static|–transient|–pretty]

To change all three hostnames: static, transient, and pretty, simultaneously:
#hostnamectl set-hostname <host-name>

Used to set hostname remotely(-H option using )
#hostnamectl set-hostname -H username@hostname

6. Root file system change

* The /bin, /sbin, /lib and /lib64 directories are now under the /usr directory.
* The /tmp directory can now be used as a temporary file storage system (tmpfs).
* The /run directory is now used as a temporary file storage system (tmpfs). Applications can now use /run the same way they use the /var/run directory.

>> /tmp and /run directory

Offers the ability to use /tmp as a mount point for a temporary file storage system (tmpfs).
When enabled, this temporary storage appears as a mounted file system, but stores its content in volatile memory instead of on a persistent storage device. No files in /tmp are stored on the hard drive except when memory is low, in which case swap space is used. This means that the contents of /tmp are not persisted across a reboot.

To enable and disable this service
# systemctl enable/disable tmp.mount

Files stored in /run and /run/lock are no longer persistent and do not survive a reboot.

7. Httpd package

Configuration file contain less configuration compared to previous version of the htpd, it is hard copied to manuals installed in /usr/share/httpd.
Uses a single binary and provides these Multi-Processing Models as loadable modules: worker, prefork (default), and event. Edit the /etc/httpd/conf.modules.d/00-mpm.conf file to select which module is loaded.
Content previously installed in /var/cache/mod_proxy has moved to /var/cache/httpd under either the proxy or the ssl subdirectory.
Content previously installed in /var/www has moved to /usr/share/httpd including icons, error and and noindex(new)
Module for the previous versions not supported
Configuration files that load modules are now placed in the /etc/httpd/conf.modules.d directory. Packages that provide additional loadable modules for httpd (like the php package) are added to this  directory. Any configuration files in the conf.modules.d directory are processed before the main body of httpd.conf. Configuration files in the /etc/httpd/conf.d directory are now processed after the main body of httpd.conf.
/etc/httpd/conf.d/autoindex.conf configures mod_autoindex directory indexing

If you require help, contact SupportPRO server Admin or do a server checkup: