
Jump to: navigation, search

OPS335 Assignment 1a - Murray Saul

1,415 bytes added, 09:10, 29 January 2017
no edit summary
{{Admon/important|This is NOT Assignment 1 Part 1!|This is the '''ROUGH WORK''' for Murray Saul's section for OPS335 Assignment 1 - Part 1. These assignment specifications are NOT complete. <br><br>Once the assignment specifications are ready, then a link will appear in the [ Main OPS335 WIKI] .}}<br><br>
== Purpose ==
* Assign a newly-created virtual network the name: '''335assign''', and set '''forwarding to any physical device'''<br>(refer to [ lab setup]. You can have have 2 different network names: "335assign" and "ops335" without causing any problems).
* Addresses in this network will start with '''164172.30.20'''. The subnet mask must be ''''''
* There must '''<u>NOT</u>''' be a DHCP server running for this network!
* All the machines for this assignment will be connected to your newly-created virtual network called: '''335assign'''
#Configure it to be a good cloning-source, '''making certain that the cloning-source has all the following elements prior to cloning:'''
::*Don't make the virtual drive too big: you will need space for it as well as space for the clones you from your cloning-source<br>('''2GB''' should be enough for any cloning-source and clone VM that you create for this assignment).
::*The hostname for this server will be called: '''cloning-sourceseedling'''
::*Make certain that you can login to your cloning-source.
::*Configure your network interface for this cloning-source with a '''static''' configuration and is connected to the '''335assign''' network. Refer to the table below for IP address and hostname.<br>
! Hostname !! Address !! Purpose
| '''spruce.coniferous.trees.ops''' (your existing source) || External Facing Address:''' DHCP assigned'''<br>Internal Virtual Bridge (virbr1):''' 164172.30.20.1''' || Your '''host''' machine
| '''seedling.coniferous.trees.ops''' || '''164172.30.20.100''' || '''Cloning-source''' used to create other servers for other assignments.
# Make certain that you have '''iptables''' services enabled and running instead of ''Firewalld''.
# Modify the iptables to meet the following conditions:::<ul>::<li>All outgoing traffic is allowed.</li>::<li>Responses to any traffic the machine sends out are allowed.</li>::<li>Traffic on the loopback interface is allowed.</li>::<li>The default iptables rules should host machine (and <b>only</b> the host machine) must be OK, so you are NOT required able to ssh to make any iptables rules for that cloning-source VM.</li>::<li>ICMP traffic is allowed if it originated with the <b>local network only</b>.</li>::<li>As this portion of is acting as the assignmentsecure basis for later machines, no other traffic should be allowed.</li>::</ul>
=== Create Full and Incremental Backups of cloning-source VM===
*'''Demonstrate working assignment to your instructor in class:'''<ol type="a"><li>Students need to demonstrate their assignment functionality to their professor during a lab period (like you would for any lab for "sign-off").</li><li>Students are required to prepare everything ahead of time so that you can quickly demonstrate to your instructor that all required parts of your assignment are working.</li><li>Do do proceed to the next step until you have demonstrated your assignment to your instructor to check for errors that may cause problems when running the checking script.<br><br></li></ol>
 *'''Download and run a shell script that will to check your set-upwork (Depending on your OPS335 Instructor):  ::'''Peter Callaghan's Classes (Sections C &amp; D):'''<ul><li>Refer to instruction on Moodle to download and run marking shell script</li></ul>  ::'''Murray Saul's Classes (Sections A &amp; B):'''<ol type="a"><li>Login as '''root''' on your '''host''' machine.</li><li>Change to the '''/root/bin''' directory.</li><li>Make certain that your '''cloning-source VM is running'''.<li>Issue the following command to install e-mail on your '''host''' machine:<source>yum install mailx </source><li>Issue the command to download a checking script for your assignment to your '''host''' machine: <source>wget</source></li><li>Set execute permissions and run the command: '''/root/bin/check-assn1-p1.bash'''<br>(You shell script contents will be mailed to your Seneca email and to your OPS335 instructor's Seneca email. If you do '''NOT''' receive an e-mail message in your Seneca email account, then there is a problem, and you '''MUST''' rerun or contact your OPS335 instructor immediately.<br><br></li></ol>
*'''Additional Assignment Information:'''<ol type="a"><li>This assignment is to be completed individually. '''Group submissions are not allowed'''.</li><li>Test your machine to make sure it works. If a machine is not accessible (e.g. will not boot, can not be accessed through ssh from your host, etc.), or is otherwise non-functional, you may be told to '''resubmit'''.</li><li>'''Late submissions are a subject to a penalty of 10% per day'''.</li><ol>
==Evaluation Rubric==
| style="text-align:right" | /1
| Can Ping '''ping cloning-source from host machine ''' with '''correct IPADDR'''
| style="text-align:right" | /1
| root account on host machine can '''connect to cloning-source VM ''' via ssh application '''without''' password
| style="text-align:right" | /1
| style="text-align:right" | /1
| cloning-source can SSH to your student's '''Matrix''' account<br>(i.e. your Matrix account)
| style="text-align:right" | /1
| width=10% style="text-align:right;font-weight:bold" | Mark
| Hostname set to: '''cloning-sourceseedling''' for cloning source
| style="text-align:right" | /1
| '''yum update performed '''
| style="text-align:right" | /1
| '''No regular users on cloning source''' (just root)
| style="text-align:right" | /1
| firewalld '''stopped''' and '''inactive'''
| style="text-align:right" | /21
| iptables '''active''' and '''enabled'''
| style="text-align:right" | /21|-| iptables - '''All outgoing traffic is allowed'''| style="text-align:right" | /1|-| iptables - The '''host machine''' (and only the host machine) must be '''able to ssh to the cloning-source'''| style="text-align:right" | /1|-| iptables - '''ICMP traffic is allowed''' if it originated with the '''local network only'''| style="text-align:right" | /1|-| cloning-source VM can '''connect to the Internet'''| style="text-align:right" | /1
| '''correct static network configuration for cloning-source VM'''<br>(half mark for each network config item)
| style="text-align:right" | /5
| cloning-source VM can connect to the Internet
| style="text-align:right" | /2
| permitRootLogin set to '''yes''' for cloning-source VM
| style="text-align:right" | /2
| Proof that '''VM full backup ''' was run
| style="text-align:right" | /2
| '''Crontab entries runexecuted properly'''
| style="text-align:right" | /2
| '''Incremental Backup ''' of '''/etc/''' directory of cloning-source to '''/backup/incremental/cloning-source''' directory
| style="text-align:right" | /2

Navigation menu