Ops535 online a1

1,915 bytes added, 01:20, 10 February 2021
NFS Server - on VM co-nfs
machine in your network (including ones not created yet) must have access to this service.
:* Network users should not have read or write access to other network users' home directories.
 
==LDAP Server - on VM rns-ldap==
:* LDAP Domain Name – <yourdomain>.ops, where <yourdomain> is your assigned domain.
:* This machine will act as an LDAPs server and provide user and group information to your other VMs.
:* Other students' VMs in the virtual lab must not be able to contact this service.
 
==Network, firewall, and SELinux==
:* All your VMs must be accessible to each other using the private network.
:* Do not allow DNS queries from any VMs in your network to any DNS servers in the lab except your caching-only DNS server.
:* SELinux must be turned on and run in enforcing mode on all of your VMs. You may need to configure the SELinux booleans accordingly.
:* Your VM1 should use iptables.service, and VM2 to VM4 must use firewalld.service, as their firewall. For firewalld.service, the ens192 interface should be set up in the 'public' zone and the ens224 interface should be set up in the 'work' zone. In addition to ssh traffic, your firewalls should only allow the traffic necessary to fulfil the roles described above.
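
One way to confirm the SELinux mode and firewalld zone bindings listed above on a firewalld VM (an added example, not part of the assignment handout). It assumes the usual output of <code>getenforce</code> and <code>firewall-cmd --get-active-zones</code>; the helper names <code>zone_of</code> and <code>check_host</code> and the sample text are made up for this example.

```shell
#!/bin/sh
# Audit helper for the SELinux / firewalld requirements (added example).
# Expected bindings are taken from the assignment text: ens192 -> public, ens224 -> work.

# zone_of IFACE ZONES_TEXT: print the zone whose "interfaces:" line lists IFACE.
zone_of() {
    printf '%s\n' "$2" | awk -v ifc="$1" '
        /^[^ ]/ { zone = $1; next }          # unindented line starts a new zone
        $1 == "interfaces:" {
            for (i = 2; i <= NF; i++) if ($i == ifc) { print zone; exit }
        }'
}

# check_host SELINUX_MODE ZONES_TEXT: print one FAIL line per finding,
# return non-zero if anything is out of spec.
check_host() {
    ch_mode="$1"; ch_zones="$2"; ch_rc=0
    if [ "$ch_mode" != "Enforcing" ]; then
        echo "FAIL selinux mode is $ch_mode, want Enforcing"; ch_rc=1
    fi
    for ch_pair in ens192:public ens224:work; do
        ch_ifc=${ch_pair%%:*}; ch_want=${ch_pair##*:}
        ch_got=$(zone_of "$ch_ifc" "$ch_zones")
        if [ "$ch_got" != "$ch_want" ]; then
            echo "FAIL $ch_ifc is in zone ${ch_got:-none}, want $ch_want"; ch_rc=1
        fi
    done
    return $ch_rc
}

# Constructed sample in the format firewall-cmd --get-active-zones prints.
SAMPLE_OK='public
  interfaces: ens192
work
  interfaces: ens224'

if [ "${1:-}" = "--live" ]; then
    # Run against this host (needs firewalld running and root privileges).
    check_host "$(getenforce)" "$(firewall-cmd --get-active-zones)" && echo "host: compliant"
else
    check_host Enforcing "$SAMPLE_OK" && echo "sample: compliant"
fi
```

Run it with <code>--live</code> on VM2 to VM4 after your automation has finished; without arguments it only checks the embedded sample.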
 
==Workflow==
* All the configuration must be done using one of the following automation frameworks:
** customized bash script with ssh, or
** fabric tasks, or
** ansible playbook.
 
=Grading=
Shortly before the due date I will post a rubric on Blackboard. On the due date I will
:* provide a script that will gather information from your VMs and create a tar file from it. You will upload that tar file to Blackboard.
:* run a test script from any machine in the virtual lab to scan and test all the required services you should have provided.
:* run a disaster recovery test: one of your VMs will be reset to its baseline condition/configuration, and you will have 30 minutes to apply your automation script(s) to bring it back to the Assignment 1 requirements.
 
=Questions=
If you have any questions about this assignment, please talk to your professor before the due date.