Open main menu

CDOT Wiki β

Changes

OPS335 Installation Lab

1,939 bytes removed, 11:50, 11 August 2022
no edit summary
This lab is a repeat of a portion of lab1 (and some of lab2) that you already performed in OPS235 plus some newer content that relates to this week's notes. You are expected to be able to complete all this using your existing skills and knowledge or refer back to your OPS235 lab-book or OPS235 WIKI notes.
In this is lab, you will install your '''host machine''' (Centos7), '''install virtualization software''', and '''create and install 3 nested virtual machines'''.
=== Required materials ===
*Centos 7 Full Installation DVD.
*One SATA hard disk in a removable drive tray Solid State Drive (minimum 250GBSSD), mininmum capacity: 240 GB (USB 3.0). It is strongly advised you dedicate a drive for this course only.*USB drive (8 GB+) for creating and storing backups (Virtual Machines, configuration files).*OPS335 Lab Log-book (Previous OPS235 log lab-book as an additional resource).
=== Online Resources===
==INVESTIGATION 1: HOST INSTALLATION==
=== Installation instructions for Centos CentOS 7 ===# It may be advisable to obtain a the <u>newer latest version</u> of the Centos CentOS 7 Full Installation DVD since there may be improvements since the last version from when you took OPS235.# '''Note:''' There are two versions of OPS235 lab1 if you are using for reference for either a SATA removable hard drive or a Solid State Drive (SSD). Both labs are identical in basic content, except the SSD labs uses VMware Workstation 12 Pro to create the host machine. For an SSD drive, you would also need to setup nested VMs when you setup KVM in lab2 (i.e. follow instructions in OPS235 labs CAREFULLY).<br><br># Download and burn on a DVD a copy of the Centos CentOS 7 installation DVD (64 bit edition) from the Centos CentOS web site or the Belmont server.<br>'''Note:''' we'll be using the 64 bit version of Centos CentOS because all of our lab computers are equiped equipped with Intel 64 bit mainboards and CPUs, and any computer you bought in the last few years for yourself will be 64bit as well.<br><br>#* '''Seneca's mirror of CentosCentOS:''' httphttps://belmontmirror.senecacollege.ca/pub/centos/7/isos/x86_64/CentOS-7-x86_64-DVD-16112009.iso<br>This is very fast, but is only accessible from within Seneca's network - you can't access this from home. You can burn this disc on the machines in the Open Lab.)<br><br>#* '''Outside Seneca College link (available from any Internet connection):<br>''' httphttps://centos.mirror.rafalnetflash.canet/centos/7.9.2009/isos/x86_64/CentOS-7-x86_64-LiveGNOMEDVD-16112009.iso<br /><br># Insert You need to refer to your removable harddrive into the OPS235 notes in order to install your host machine and boot from the DVD.{{Admon<br>Here is a direct link:<br> [https://tip |Boot order|Some of our machines' boot order is configured to be Harddrive first, DVD secondwiki.cdot. Which means you won't be able to boot from the DVD if you already have an operating system installed on your drivesenecacollege.}}ca/wiki/OPS245_Lab_1 OPS245 - Lab1]
<ol>
<li value=54>Customize your installation following these guidelines:
<ul>
<li>'''Turn on networking''' and use '''host''' as the '''hostname'''.
<li>Delete any old partitions.
<li>Select the hard disk and indicate "I will configure partitions" and click done.
<li>Click the link to '''create them (partitions ) automatically''' (this will give a typical layout with /, /boot, /boot/efi, /home, etc).<li>Free up at least '''100GB''' of disk space by shrinking the '''/home''' partition (At least '''40GB''' GB for root (/) and '''40GB'''GB for /home). Since your machine will have far fewer users and more virtual machines than a typical installation, we will need that space elsewhere.
<li>Create a new logical volume for '''/var/lib/libvirt/images''' and give it the space made available by shrinking /home (You will need enough space for up to 10 virtual machines at 8GB each plus room to compress/extract images).
<li>Make certain that the existing partitions '''except swap, /boot and /boot/efi''' have the file system type '''ext4''' (not xfs).
</ul>
</ul>
=== First boot ===
# In the current version of CentOS the first time you boot your system a graphical licence prompt comes up. To save you some stress, here are the keys you need to press to get past it::: '''1''' ''ENTER'':: '''2''' ''ENTER'':: '''c''' ''ENTER'':: '''c''' ''ENTER''<br><br><ol><li value="2">Log in and check that you have access to the internet. If you don't - you need to get the network interface to come up on boot. Edit '''/etc/sysconfig/the appropriate config file and configure your main network-scripts/ifcfg-eno1''' (the name of the interface may be different) and change '''onboot''' to '''yes'''come up at boot.<ul><li>You can then use the '''ifup'''/'''ifdown''' commands to reset your network configuration or you can just reboot.</li></ul></li><li>Make certain that '''SELinux''' is '''enforcing''' for security reasons (this should be the default). To make it ''enforcing'', simply edit the '''/etc/selinux/config''' file and follow the instructions inside. {{Admon/important |SELinux in Andrew's sections|If you're in one of Andrew's sections - please disable SELinux (i.e. do the opposite of the bullet above). This will give you some extra freedom in the rest of the course to learn and experiment without being bogged down by inexplicable permission denied errors.}}</li><li>Install all updates using the '''yum update''' command.</li></ol>
<br>
 
{{Admon/important |Yum Update Hangs|If you experience yum update "hanging" around item 689 of over 1200 packages, issue the following commands:<br><source>pkill systemctl
yum clean all
yum update
</source>'''NOTE:''' Do NOT press '''&lt;ctrl&gt;c''' since it may cause your machine to cause a kernel panic when you restart your machine.}}
===Using iptables===
The most recent variants of Centos and Fedora are using a service called '''firewalld''' that is intended to replace '''iptables''', however the ''iptables'' service is still in relatively common usage. In this course we will concentrate on ''iptables''.
<ol><li>Disable firewalld:
<source lang="bash">
systemctl disable firewalld
systemctl stop firewalld
</ol>
<ol><li value="2">Install and enable the IPTables services:
<source lang="bash">
yum install iptables-services
systemctl enable iptables
At this point you have a basic Centos system installed and updated. This will serve as a host for the virtual machines where you will do the majority of the work in this course. All the rest of our labs will assume you have this basic system running. If, for any reason, your system becomes corrupted during the semester, you'll have to redo this lab to be able to continue with the remaining uncompleted labs. You are responsible for YOUR system. If you do not perform back-ups you have taken this risk on yourself. Poor planning on your part does not constitute an emergency for anyone else.
'''Record steps, commands, and your observations in INVESTIGATION 1 in your OPS335 OPS235 lab log-book''' 
==INVESTIGATION 2: VIRTUAL MACHINE INSTALLATION==
===Configuring a VM host===
# You will need to install some software to allow your machine to act as a host for virtual machines. We'll be using the same '''libvirt''' and '''virt-manager''' you used in [https://wiki.cdot.senecacollege.ca/wiki/OPS235_Lab_2 OPS235- Lab2].<br>You may find it helpful to refer back to the '''OPS235 notes''' to perform the following operations:
#* Install the required virtualization software
#* Start and enable the virtualization service
#* Stop and delete the '''default''' network.
#* Use the '''plus sign''' to add a new virtual network using the following options:
#:* Name your virtual network '''ops335ops235'''
#:* Use the '''last two digits of your student number for the third octet of network IP address''' (for example, if your student number is 000-000-0<b>90</b>, the network address would be 192.168.<b>90</b>.0/24.
#:* Ensure the DHCP range will allow you to assign '''at least 10 static IP addresses outside it''' (note: leave the low numbers available for static addresses).
First, It is a good idea to make certain that your host machine has been set up correctly prior to creating your first virtual machine:
#Open a separate terminal and issue the '''ifconfigip address show''' command on your host machine to know your physical network and your virtual network. Note this information for the next few steps.#Issue the following command to download Bash shell script to check your host machine's set-up prior to proceeding with this lab:<br>'''wget http://matrixict.senecac.onsenecacollege.ca/~murrayandrew.saulsmith/ops335/labcheck_install.sh'''<br>
#Assign execute permissions, and run the script to check your work:<br>
'''labcheck_install.sh'''
<ol><li value="4">Use the information from the '''ifconfigip address show''' command to correctly specify the '''physical network interface''' and the '''virtual network interface'''.</li></ol>
'''NOTE:''' You will need an ISO file for CentOS 7 (the same one you burned your DVD from). It is recommended to use the command to download this image onto your host machine. In this way, you can keep it on your host machine for the remainder of this course in case you need it:
'''NOTE:''' You will need an ISO file for CentOS 7 (the same one you burned your DVD from). It is recommended to use the command:<br> '''<span style="text-decoration:none;color:blue;">wget http://belmontmirror.csclub.senecacollegeuwaterloo.ca/pub/centos/7/isos/x86_64/CentOS-7-x86_64-DVD-16112009.iso</span>''' to download this image onto your host machine. In this way, you can keep it on your host machine for the remainder of this course in case you need it. 
Perform the following steps to create your first VM on your Virtual Machine Manager application:
#You will notice that the server installation defaults to a command-line interface. This is normal, and we will only be using this interface during this course.
#Ensure your machine has a network connection by running the command
'''ssh your_seneca_id@matrix.senecac.onsenecacollege.ca'''<ol><li value="3">If that did not work - make sure GlobalProtect VPN is installed on your Windows/Mac and connected. If it is, ensure your CentOS network interface is started automatically on boot.</li></ol>
{{Admon/tip|Default for network config for onboot|If you've turned on your networking interface during installation - it will be turned on by default. If you've left the network interface off during the installation - it will be off by default.}}
<ol><li value="4">Once you have a working connection - update your machine.</li></ol>
'''yum update'''
<ol>
<li value="5">Use yum to install Install the '''bind-utils''' package. The commands it provides (e.g. nslookup) will be useful in troubleshooting your network connection.</li><li>Configure You may also want to install the virtual machine '''nmap''', '''telnet''' and '''net-tools''' packages to use help you troubleshoot connectivity issues.</li><li>Configure '''firewalld, iptables''' and (instead of firewalldif required) '''SELinux''' the same way you did for the host.</li>
<li>Reboot the virtual machine once it is updated.</li>
</ol>
 
{{Admon/tip|If errors on boot-up|If your virtual machine hangs on boot, you will need to change a graphics option:<ul><li>While the VM is off, click on '''View''' (from the menu at the top of the VM window), and select '''Details'''.</li><li>From the menu on the left side, select '''Display'''.</li><li>Change the drop-down list for Type from '''VNC''' to '''Spice''', and click apply.</li><li>Switch the view back to '''Console''' and start the machine again.</li></ul>}}
<br>
===Cloning a Virtual Machine===
# Now that you have one virtual machine working, you will create two more. If you struggled with the previous steps, repeat them to create two more virtual machines (naming them '''vm2''' and '''vm3''', with hostnames '''vm2.localdomain''' and '''vm3.localdomain''' respectively).
<ol>
<li value="2"> Now that you have one virtual machine working, you will create two more. If you struggled with the previous steps, repeat them to create two more virtual machines.</li><li>'''If you are confident with what you have done so far, you may clone your existing machine to create the others by performing the following steps:'''</li><li><ol type="a"> <li>Make certain that your '''vm1''' virtual machine is shutdown.</li> <li>For your '''vm1''' machine, go to the details section and remove the <u>device</u> '''Channel qemu-ga'''.</li> <li>In the virtual machine manager, '''right click''' on ''vm1'' and select '''Clone...'''.</li> <li>Set the Name to be: '''vm2'''</li></ol></li><li>Once successfully created, boot the new VM and correct the host name. This can be done using the '''hostnamectl''' command-line tool.</li></ol>  {{Admon/important |Errors When Booting Clone|If you experience errors when starting the "Cloned" VM, go to the clone's details section (i.e. when you open the VM, but not start it, then select: ''View'' then ''Details'') and remove the <u>device</u> '''Channel qemu-ga'''.<br>It is recommended to follow that procedure, since if you don't, you would only be permitted to start the "cloned VM" if the original VM (used to create the clone) is already running.<br><br>'''Repeat this procedure for any additional "cloned VM" that you create for this course'''.}}  <ol><li value="4">Record in your notes the steps for cloning a vm.</li>
<li>Use the host command to check for connectivity</li>
<li>After creating '''vm2 ''' repeat the above steps to create '''vm3 ''' and correct the host namehostname ('''vm2.localdomain''' and '''vm3.localdomain''' respectively).</li>
</ol>
Upon completion of this lab you should have 4 installed machines. One machine running Centos 7 and acting as a host and gateway for three virtual machines running minimal installations of Centos 7. Each machine must be fully updated and have access to the network (for example, to get further updates) and be able ping the others. Each machine must be using iptables for the firewall.
===Online Submission===
 
Follow the instructions for lab 0 on blackboard.
<!--===Andrew'''Depending on your professor you will either be asked to submit the lab in class, or online. Follow the appropriate set of instructions below'''s sections===
===Online Submission (Peter CallaghanYou may choose to:* Submit screenshots of your work on Blackboard, in which case you don's Classes only)===t need to come to the lab.Follow * Or come to the instructions for lab 0 on moodle, show me your work, and talk to me about it. I want to hear what you've learned and answer any questions you have.
===In Class Submission===[[Image:lab1_signoff.png|thumb|right|500px|Students should be prepared with You'''all required commands (system information) displayed in a terminal (or multiple terminals) prior ll get the same grade regardless of how you choose to calling the instructor for signoff'''submit your work.]]'''Arrange evidence (command output) for each Expected results of these items on your screen, then ask your instructor to review them and sign off on the this lab's completionare:'''
::<span style="color:green;font-size:1.5em;">&#x2713;</span> Host Machine installed
::<span style="color:green;font-size:1.5em;">&#x2713;</span> Each machine (host and VM) has access to the network
::<span style="color:green;font-size:1.5em;">&#x2713;</span> Lab logbook completed
::<span style="color:green;font-size:1.5em;">&#x2713;</span> Run the '''labcheck_install.sh''' shell script on your hostmachine to show your professor the resultshost machine<br-->
==EXPLORATION QUESTIONS==
163
edits