163
edits
Changes
no edit summary
[[Category:OPS335]][[Category:OPS335 Labs]]
== Objectives OBJECTIVE & PREPARATION ==*Install your host machine (Centos 7)*Install 3 virtual machines (VMs) (Fedora 22 - Server)*Prepare for lab exercises.
=== Installation instructions for Centos 7 Required materials ===#Download a copy of the Centos 7 installation DVD (64 bit edition) from the Centos web site or belmont. Note: we'll be using the 64 bit version of Centos because all of our lab computers are equiped with Intel 64 bit mainboards and CPUs. We'll also be using a Fedora iso for installing the virtual machines, but you will not need to burn that to a disc. It is faster to download the ISO and install directly from it.#* '''Seneca's mirror of Centos:''' http://belmont.senecacollege.ca/pub/centos/7/isos/x86_64/CentOS-7-x86_64-Full Installation DVD-1511.iso<br />(This is very fast, but is only accessible from within Seneca's network - you can't access this from home. You can burn this disc on the machines in the Open Lab.)<br />#* '''Centos mirror list One Solid State Drive (available from any Internet connectionSSD), mininmum capacity:''' https://www.centos.org/download/mirrors/ 240 GB (version: '''7.2USB 3.1511'''0)<br />#Insert your HDD into the docking bay of a PC in the lab and boot the computer using your installation DVD. If possible try to use the same PC for this course for the rest of the semester. Some PCs may be configured with slight hardware variations from others which may cause problems when moving your HDD from one system to another. #Most modification It is now perform through strongly advised you dedicate a single summary screen. Use it to customize your installation following these guidelines:#*set your hostname to your Seneca username.#*Under software selection, choose 'Server with gui', and ensure you enable KDE.#*For installation destination, select your drive (not the one internal to the PC), and select the option to manually configure partitioning.#**Delete any old partitions.#**Choose the option to create partitions automatically (for this will give a typical layout with /, /boot, /home, etc).#**Free up space by shrinking the /home partition. Since your machine will have far fewer users and more virtual machines than a typical installation, we will need that space elsewhere.#**Create a new logical volume for /var and give it the space made available by shrinking /home (You will need enough space for 6 virtual machines at 8GB each). You may wish to keep some extra space left unassigned in case you need some space later, but the majority of the space you will need will be for /var.#During the installation process you will also have the opportunity to create users.#*set the root password#*create a user named with your learn ID#After completing the installation, remove the DVD and reboot from your HDDcourse only.
==INVESTIGATION 1: HOST INSTALLATION== === Installation instructions for CentOS 7 ===#Login as It may be advisable to obtain the <u>latest version</u> of the CentOS 7 Full Installation DVD since there may be improvements since the user last version from when you created took OPS235.<br><br># Download and open burn on a DVD a terminal windowcopy of the CentOS 7 installation DVD (64 bit edition) from the CentOS web site or the Belmont server. Then use <br>'''Note:'''suwe' to become root ll be using the 64 bit version of CentOS because all of our lab computers are equipped with Intel 64 bit mainboards and CPUs, and run any computer you bought in the last few years for yourself will be 64bit as well.<br><br>#* '''Seneca's mirror of CentOS:''yum update' commandhttps://mirror.senecacollege. Reboot after all updates have completedca/centos/7/isos/x86_64/CentOS-7-x86_64-DVD-2009. Now that your system iso <br>This is up to datevery fast, again login using your learnid and do but is only accessible from within Seneca's network - you can't access this from home. You can burn this disc on the machines in the followingOpen Lab.)<br><br>#* '''Outside Seneca College link (available from any Internet connection):<br>''' https://mirror.netflash.net/centos/7.9.2009/isos/x86_64/CentOS-7-x86_64-DVD-2009.iso<br /><br>#*Verify that You need to refer to your OPS235 notes in order to install your host machine.<br>Here is a direct link:<br> [https://wiki.cdot.senecacollege.ca/wiki/OPS245_Lab_1 OPS245 - Lab1] <ol><li value=4>Customize your system date installation following these guidelines:<ul><li>'''Turn on networking''' and time are correctuse '''host''' as the '''hostname'''.<li>Under software selection, choose '''Gnome desktop'''.<li>The partition setup is similar to what you had in OPS235:<ul><li>Delete any old partitions. If not then set <li>Select the correct system date hard disk and indicate "I will configure partitions" and timeclick done.#*Verify that your network is functioning<li>Click the link to '''create them (partitions) automatically''' (this will give a typical layout with /, /boot, /boot/efi, /home, etc).#**If you do not <li>Free up at least '''100GB''' of disk space by shrinking the '''/home''' partition (At least '''40 GB''' for root (/) and '''40GB''' for /home). Since your machine will have an ip addressfar fewer users and more virtual machines than a typical installation, edit the line in we will need that space elsewhere.<li>Create a new logical volume for '''/var/etclib/sysconfiglibvirt/network-scriptsimages''' and give it the space made available by shrinking /ifcfg-eth0 home (note this file name may differ between You will need enough space for up to 10 virtual machinesat 8GB each plus room to compress/extract images). onboot=no<li>Make certain that the existing partitions '''except swap, /boot and /boot/efi''' have the file system type '''ext4''' (not xfs).should be</ul> onboot=yes</ul>*If <li>After the installation starts you had will also have the opportunity to change that, reboot create users.<ul><li>Set the root password<li>Create a '''user account''' named with '''your machine before continuing.MySeneca ID'''</ul></ol><br> === First boot === #*Run and record In the output current version of CentOS the first time you boot your system a graphical licence prompt comes up.<br><br><ol><li value="2">Log in and check that you have access to the internet. If you don'df t -hT' commandyou need to get the network interface to come up on boot.#*Run Edit the appropriate config file and record the output of configure your main network interface to come up at boot.<ul><li>You can then use the 'cat ''ifup'''/etc'''ifdown''' commands to reset your network configuration or you can just reboot.</li></ul></fstabli><li>Make certain that ' command''SELinux''' is '''enforcing''' for security reasons (this should be the default).#*Run and record the output of To make it ''enforcing'', simply edit the 'cat ''/etc/issueselinux/config' command'' file and follow the instructions inside.#*Run and record {{Admon/important |SELinux in Andrew's sections|If you're in one of Andrew's sections - please disable SELinux (i.e. do the opposite of the bullet above). This will give you some extra freedom in the output rest of the course to learn and experiment without being bogged down by inexplicable permission denied errors.}}</li><li>Install all updates using the '''yum update''uname -a' command.</li></ol><br>
===Using iptables===
The most recent variants of Centos and Fedora are using a service called '''firewalld''' that replaces is intended to replace '''iptables''', however the ''iptables'' service is still in relatively common usage. In this course we will keep running concentrate on ''iptables on the host machine, and gain experience with the new service on the virtual machines''.*install <ol><li>Disable firewalld:<source>systemctl disable firewalldsystemctl stop firewalld</source></ol><ol><li value="2">Install and enable iptablesthe IPTables services:<source> yum install iptables-services systemctl enable iptablessystemctl start iptables</source></ol>At this point you have a basic Centos system installed and updated. This will serve as a host for the virtual machines where you will do the majority of the work in this course. All the rest of our labs will assume you have this basic system running. If, for any reason, your system becomes corrupted during the semester, you'll have to redo this lab to be able to continue with the remaining uncompleted labs. You are responsible for YOUR system. If you do not perform back-ups you have taken this risk on yourself. Poor planning on your part does not constitute an emergency for anyone else. '''Record steps, commands, and your observations in INVESTIGATION 1 in your OPS235 lab log-book''' ==INVESTIGATION 2: VIRTUAL MACHINE INSTALLATION== ===Configuring a VM host=== # You will need to install some software to allow your machine to act as a host for virtual machines. We'll be using the same '''libvirt''' and '''virt-manager''' you used in [https://wiki.cdot.senecacollege.ca/wiki/OPS235_Lab_2 OPS235 - Lab2].<br>You may find it helpful to refer back to the '''OPS235 notes''' to perform the following operations:#*disable firewalldInstall the required virtualization software systemctl disable firewalld#* Start and enable the virtualization service#*Note that Reboot your host machine<br><br># Start the graphical virtual machine manager (''virt-manager''). Do this as you regular user, and don't run virt-manager from a terminal where you're logged in as root.# We will not switch over to using iptables until be creating our own virtual network. A default virtual network has been created for you reboot, but you will be doing using a <u>custom</u> one in this course.#* Right click '''localhost (QEMU)''' and select '''Details'''.#* Click on the '''Virtual Networks''' tab.#* Stop and delete the '''default''' network.#* Use the '''plus sign''' to add a new virtual network using the following options:#:* Name your virtual network '''ops235'''#:* Use the '''last two digits of your student number for the third octet of network IP address''' (for example, if your student number is 000-000-0<b>90</b>, the network address would be 192.168.<b>90</b>.0/24.#:* Ensure the DHCP range will allow you to assign '''at least 10 static IP addresses outside it''' (note: leave the low numbers available for static addresses).#:* Choose '''Forwarding to physical network''' radio button, '''Destination: Any physical device''' and '''Mode: NAT'''#:* Ensure the network is '''started at boot'''. <br> === VM Installation=== With the virtualization software installed and your personal network created, you are now ready to create your first virtual machine.First, It is a good idea to make certain that shortlyyour host machine has been set up correctly prior to creating your first virtual machine: #Open a separate terminal and issue the '''ip address show''' command on your host machine to know your physical network and your virtual network. Note this information for the next few steps.#Issue the following command to download Bash shell script to check your host machine's set-up prior to proceeding with this lab:<br>'''wget http://ict.senecacollege.ca/~andrew.smith/ops335/labcheck_install.sh'''<br>#Assign execute permissions, so there and run the script to check your work:<br> '''labcheck_install.sh'''<ol><li value="4">Use the information from the '''ip address show''' command to correctly specify the '''physical network interface''' and the '''virtual network interface'''.</li></ol> '''NOTE:''' You will need an ISO file for CentOS 7 (the same one you burned your DVD from). It is no recommended to use the command to download this image onto your host machine. In this way, you can keep it on your host machine for the remainder of this course in case you need it: '''wget http://mirror.csclub.uwaterloo.ca/centos/7/isos/x86_64/CentOS-7-x86_64-DVD-2009.iso''' Perform the following steps to do so right nowcreate your first VM on your Virtual Machine Manager application: # Create a new virtual machine named '''vm1'''.# Accept the default file type (which is '''qcow2'''). You are <u>NOT</u> required to specify the VM file pathname as you did in OPS235.
===First Boot===
'''Record steps, commands, and your observations in INVESTIGATION 2 in your OPS335 lab log-book''' ===Cloning a Virtual Machine=COMPLETING THE LAB ==*Now that Upon completion of this lab you should have one 4 installed machines. One machine running Centos 7 and acting as a host and gateway for three virtual machines running minimal installations of Centos 7. Each machine working, you will create two more. If you struggled with must be fully updated and have access to the previous stepsnetwork (for example, repeat them to create two more virtual machines (naming them f22-vm2 get further updates) and f22-vm3, with hostnames vm2be able ping the others.localdomain and vm3 Each machine must be using iptables for the firewall.localdomain respectively) ===Online Submission=== Follow the instructions for lab 0 on blackboard. <!--===Andrew's sections=== You may choose to:*If you are confident with what you have done so farSubmit screenshots of your work on Blackboard, in which case you may clone your existing machine don't need to come to create the otherslab.**To quickly create additional VM's shutdown 'f22-vm1'Or come to the lab, show me your work, right click and select 'Clone..talk to me about it.I want to hear what you've learned and answer any questions you have.***Set You'll get the Name same grade regardless of how you choose to besubmit your work. Expected results of this lab are: ::<span style="color:green;font-size:1.5em;">✓</span> Host Machine installed::<span style="color: f22green;font-vm2size:1.5em;">✓</span> 3 virtual machines installed**Once successfully created, boot the new ::<span style="color:green;font-size:1.5em;">✓</span> Each machine (host and VM and correct ) has access to the host name. This can be done using the hostnamectl commandnetwork::<span style="color:green;font-line toolsize:1. 5em;">✓</span> Lab logbook completed***Record in your notes how each is done::<span style="color:green;font-size:1.**Use 5em;">✓</span> Run the '''labcheck_install.sh''' shell script on your host command to check for connectivitymachine**After creating f22-vm2 repeat the above steps to create f22-vm3 and correct the host name.>
== Completing the Lab EXPLORATION QUESTIONS==Upon completion of this lab you should have 4 installed machines. One machine running Centos 7 and acting as a host and gateway for three virtual machines running Fedora 22 Server. Each machine must have access to the network (for example, to get updates) and be able ping the others.
#What kernel release is your host system running?
#What kernel release are your virtual machines running?
#What is the UUID (Universally Unique Identifier) of your root file system? What command was used to obtain this information?
#What is the size and type of the /boot file system on your host?
#What file was edited to change the host name on your VM's?#Explain Are there other ways to change the iptables rules displayed when you ran the command 'iptables -t nat -L'. How did they change after creating your personal network.hostname?