https://wiki.cdot.senecacollege.ca/w/api.php?action=feedcontributions&user=Rchan&feedformat=atomCDOT Wiki - User contributions [en]2024-03-19T11:47:45ZUser contributionsMediaWiki 1.30.0https://wiki.cdot.senecacollege.ca/w/index.php?title=User:Rchan&diff=158559User:Rchan2022-07-22T22:56:56Z<p>Rchan: </p>
<hr />
<div>My name is Raymond Chan. I was a professor at Seneca teaching in the School of Computer Studies since May 2000 and retired in 2021.</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=User:Rchan&diff=158558User:Rchan2022-07-22T22:56:03Z<p>Rchan: </p>
<hr />
<div>My name is Raymond Chan. I was a professor at Seneca teaching in the School of Computer Studies. I retired in 2021.</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=OPS535-vl-lab-dynamicdns&diff=155121OPS535-vl-lab-dynamicdns2021-06-16T19:10:53Z<p>Rchan: Created page with "Category: OPS535Category: OPS535-LabsCategory: rchan =OPS535 Lab 4 (using Virutal Lab)= == Objectives == * Design the algorithm for setup and configure a Primary D..."</p>
<hr />
<div>[[Category: OPS535]][[Category: OPS535-Labs]][[Category: rchan]]<br />
=OPS535 Lab 4 (using Virtual Lab)=<br />
== Objectives ==<br />
* Design an algorithm to set up and configure a Primary DNS server with a dynamic zone, based on [[OPS535-lab-dynamicdns | Lab 4 - Dynamic DNS lab]] <br />
* Create remote administration script(s) using bash/ansible based on your algorithm<br />
* Deploy the remote administration scripts using bash/ansible on your Seneca VM2 in the OPS535 Virtual Lab<br />
<br />
==Pre-Requisites==<br />
:* Have access to Seneca VPN, and matrix.senecacollege.ca<br />
:* Complete the collection of baseline information on your assigned VMs (VM1, VM2, VM3, and VM4)<br />
:* Complete the [[OPS535-lab-dynamicdns | Lab 4 - Dynamic DNS lab]] on your home VMs<br />
:* Set up and configure a private network for your assigned VMs in the OPS535 Virtual Lab<br />
:* Configure VM1 as your control workstation for performing remote administration tasks on VM[2-4]<br />
<br />
==Investigation 1: Algorithm to set up and configure a Primary DNS server with Dynamic Zone==<br />
Based on the steps you performed on [[OPS535-lab-dynamicdns | Lab 4 - Dynamic DNS lab]], design and create an appropriate algorithm to set up and configure a Primary DNS server with a dynamic zone on your Seneca VM2 remotely from your control VM (Seneca VM1).<br />
You can follow the format used in Investigation 3, Task 1 in [[OPS535-vl-lab-nfs | Lab 2 - NFS Lab on VL]]<br />
* Name your algorithm as "lab4-ddns-algorithm.txt"<br />
* Save your algorithm file to ~student/ops535/lab4/lab4-ddns-algorithm.txt<br />
<br />
==Investigation 2: Scripts for remote deployment of Primary DNS server with Dynamic Zone==<br />
=== Task 1 ===<br />
Based on your algorithm created for investigation 1, write a bash script named "lab4-ddns-setup.bash" to implement all the steps on VM2 (pri-dns)<br />
* save the script to ~student/ops535/lab4/scripts/lab4-ddns-setup.bash<br />
<br />
=== Task 2 ===<br />
Create an ansible playbook named "config-ddns.yml" to perform the same tasks as mentioned in task 1.<br />
* save the ansible playbook to ~student/ops535/lab4/playbook/config-ddns.yml<br />
<br />
=== Task 3 ===<br />
* Run the playbook created in Task 2 above, and capture the output to a file named lab4_inv2_task3.txt in the directory ~student/ops535/lab3/log/<br />
<br />
==Completing the Lab==<br />
Follow the instructions on blackboard to submit the lab by the due date.</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=OPS535-online-lab-dynamicdns&diff=155120OPS535-online-lab-dynamicdns2021-06-16T19:05:20Z<p>Rchan: /* There are two options for you to complete this lab */</p>
<hr />
<div>[[Category:OPS535]][[Category:rchan]]<br />
=There are two options for you to complete this lab=<br />
* Do it on your home system with VMware VM: [[OPS535-lab-dynamicdns]]<br />
* Do it on OPS535 Virtual Lab: [[OPS535-vl-lab-dynamicdns]] -- coming soon ...<br />
<br />
= References =<br />
: [https://www.dns-school.org/Documentation/dnssec_howto.pdf#part.4 TSIG Tutorial]</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=OPS535-lab-ldap&diff=155119OPS535-lab-ldap2021-06-16T06:45:15Z<p>Rchan: /* Investigation 3: Setup and Configure OpenLdap Client Through SSSD */</p>
<hr />
<div>[[Category: OPS535]][[Category: OPS535-Labs]][[Category: peter.callaghan]]<br />
=OPS535 Lab 3=<br />
==Purpose==<br />
The OpenLDAP software package is a Free and Open Source implementation of the Lightweight Directory Access Protocol (LDAP). It is gaining wide acceptance as the directory access method of the Internet and also with corporate intranets.<br />
In this lab, you will set up and configure an OpenLDAP server to provide a directory service that LDAP clients use to authenticate network users. An OpenLDAP server can replace NIS as the central store of network user account information that OpenLDAP clients use to authenticate network users.<br />
The basic components of an LDAP server are its Object Classes and Attribute types, defined in one or more schemata. To provide the necessary attribute types (i.e. fields) for storing Linux (or Unix, aka POSIX) user accounts, you need to include the “cosine”, “nis”, and “inetorgperson” schemata in addition to the “core” schema.<br />
Note: OpenLDAP uses TCP port 389 for regular network communication between clients and servers, and port 636 for encrypted network communication between clients and servers. If you have firewalls between your LDAP server and LDAP clients, you need to open the above TCP ports on the firewall to allow LDAP traffic to get through.<br />
<br />
Designate vm1 as your LDAP server and use vm2 and vm3 as LDAP clients<br />
<br />
==Pre-Requisites==<br />
The pre-lab must be complete so that your virtual machines share access to a private network. Lab 1 must be complete so each machine has a well configured firewall. Make sure each machine is fully updated.<br />
<br />
==References==<br />
* https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/configuring_authentication_and_authorization_in_rhel/configuring-sssd-to-use-ldap-and-require-tls-authentication_configuring-authentication-and-authorization-in-rhel<br />
* https://www.golinuxcloud.com/configure-openldap-with-tls-certificates/<br />
* https://www.golinuxcloud.com/ldap-client-rhel-centos-8<br />
* https://kifarunix.com/configure-sssd-for-openldap-authentication-on-centos-8/<br />
<br />
==Investigation 1: OpenLDAP Server Setup and Configuration==<br />
{{Admon/important|Warning|Make a backup before you start this lab. It is very difficult to recover this service if you make a mistake in configuration.}}<br />
Perform the following steps on vm1<br />
<ol><br />
<li>Install yum-utils</li><br />
<li>Install the symas ldap repo (Symas now maintains a version of it available for CentOS 8):<br />
<ul><li>yum-config-manager --add-repo=https://repo.symas.com/configs/SOFL/rhel8/sofl.repo</li></ul></li><br />
<li>Install the following packages<br />
*openldap<br />
*symas-openldap-clients<br />
*symas-openldap-servers<br />
*perl<br />
</li><br />
<li>In older releases a package called 'migrationtools' was available that contained a number of perl scripts used to convert information from other sources (e.g. /etc/passwd) into ldif files. Since it is no longer part of standard repos in Centos 8, download the copy I have provided on blackboard and extract it to /usr/share/migrationtools.</li><br />
<li>Check the content of the directory '''/etc/openldap/slapd.d/cn=config/''' for the top branch of OpenLDAP directory configuration files:<br />
<source><br />
cn=schema<br />
cn=schema.ldif<br />
olcDatabase={0}config.ldif<br />
olcDatabase={1}monitor.ldif<br />
olcDatabase={-1}frontend.ldif<br />
olcDatabase={2}mdb.ldif<br />
</source><br />
Examine the contents of olcDatabase={2}mdb.ldif:<br />
<source><br />
# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.<br />
# CRC32 d9b49d55<br />
dn: olcDatabase={2}hdb<br />
objectClass: olcDatabaseConfig<br />
objectClass: olcMdbConfig<br />
olcDatabase: {2}mdb<br />
olcDbDirectory: /var/lib/ldap<br />
olcSuffix: dc=my-domain,dc=com<br />
olcRootDN: cn=Manager,dc=my-domain,dc=com<br />
olcDbIndex: objectClass eq,pres<br />
olcDbIndex: ou,cn,mail,surname,givenname eq,pres,sub<br />
structuralObjectClass: olcMdbConfig<br />
entryUUID: 5a8d299a-3f2f-1036-9244-a7abff537081<br />
creatorsName: cn=config<br />
createTimestamp: 20161115032843Z<br />
entryCSN: 20161115032843.258885Z#000000#000#000000<br />
modifiersName: cn=config<br />
modifyTimestamp: 20161115032843Z<br />
</source><br />
</li><br />
<li>Verify that the directory for storing the OpenLDAP database ('''/var/lib/ldap''') is owned by ldap:ldap. If this is not the case, fix it now.</li><br />
<li>Verify that the core schema file ('''/etc/openldap/slapd.d/cn=config/cn=schema''') is also owned by ldap:ldap.</li><br />
<li>Start the ldap service ('''slapd'''), and ensure that it will automatically start when your machine boots.<br />
Check the status of the service and ensure that it started without error before continuing.</li><br />
<li>Use the ldap add command to add the cosine, nis, and inetorgperson schemata to your server '''in that order'''.<br />
Use the authentication type '''EXTERNAL''', and '''ldapi:///''' as the host.</li><br />
<li>List the schema directory again. This time you should see the core schema, along with the three schemata you just added.</li><br />
<li>Run an ldapsearch to check that the service is running and will respond to queries:<br />
<source>[root@rns ~]# ldapsearch -x -b '' -s base '(objectClass=*)' namingContexts<br />
# extended LDIF<br />
#<br />
# LDAPv3<br />
# base <> with scope baseObject<br />
# filter: (objectClass=*)<br />
# requesting: namingContexts<br />
#<br />
#<br />
dn:<br />
namingContexts: dc=my-domain,dc=com<br />
# search result<br />
search: 2<br />
result: 0 Success<br />
# numResponses: 2<br />
# numEntries: 1<br />
</source></li><br />
<li>Next, you will need a password for the ldap administrator (RootDN), so that they can run commands to modify the database.<br />
Use the slappasswd command to create one, and record the output.</li><br />
<li>Insert your new password into the following ldif file, and apply it to your database with the ldapmodify command.<br />
{{Admon/important|Warning|Do not store your ldif files (or any other files) in the ldap configuration directory. Every file in that directory is automatically read as configuration for ldap.}}<br />
<source><br />
# customize domain name<br />
dn: olcDatabase={2}mdb,cn=config<br />
changetype: modify<br />
replace: olcSuffix<br />
olcSuffix: dc=ops535,dc=com<br />
<br />
dn: olcDatabase={2}mdb,cn=config<br />
changetype: modify<br />
replace: olcRootDN<br />
olcRootDN: cn=Manager,dc=ops535,dc=com<br />
<br />
dn: olcDatabase={2}mdb,cn=config<br />
changetype: modify<br />
add: olcRootPW<br />
olcRootPW: {SSHA}1Di4Suea6ojE2bFxJhLDScjQyQ97GSef<br />
</source><br />
Make note of the field that this file will modify.<br /><br />
As before, use the authentication type '''EXTERNAL''', and '''ldapi:///''' as the host.<br /><br />
When you run the command you should get output similar to the following:<br />
<source><br />
SASL/EXTERNAL authentication started<br />
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth<br />
SASL SSF: 0<br />
modifying entry "olcDatabase={2}mdb,cn=config"<br />
<br />
modifying entry "olcDatabase={2}mdb,cn=config"<br />
<br />
modifying entry "olcDatabase={2}mdb,cn=config"<br />
</source><br />
</li><br />
<li>Examine the contents of your '''/etc/openldap/slapd.d/cn=config/olcDatabase={2}mdb.ldif''' file again. Your ldif file should have changed three fields. Try to identify them.</li><br />
<li>Create an LDIF file for the base context ops535.com entry to be added to the OpenLDAP<br />
directory. Name the file as base.ldif.<br />
<source><br />
dn: dc=ops535,dc=com<br />
dc: ops535<br />
description: root LDAP entry for ops535<br />
objectClass: dcObject<br />
objectClass: organizationalUnit<br />
ou: rootobject<br />
</source></li><br />
<li>Create an LDIF file for the People container to be added to the OpenLDAP directory. Name the<br />
file as people.ldif<br />
<source>dn: ou=People, dc=ops535, dc=com<br />
ou: People<br />
description: All people in ops535<br />
objectClass: organizationalUnit<br />
</source><br />
</li><br />
<li>Apply those two ldif files to your database.<br /><br />
This time you will need to use simple authentication, identify yourself with a distinguished name (use the ldap administrator whose password you just set), and get prompted for a password.</li><br />
<li><br />
Before we start adding users, we need to provide the migration tools some information about our domain.<br />
<br />
Before you change anything, make a backup of /usr/share/migrationtools/migrate_common.ph in the /root directory.<br />
Modify the following parameters in the original file to the values shown below:<br />
<source>$DEFAULT_MAIL_DOMAIN = "ops535.com";<br />
$DEFAULT_BASE = "dc=ops535,dc=com";<br />
$EXTENDED_SCHEMA = 1;</source><br />
</li><br />
<br />
<li>Create two new users ('''ldapuser1''' and '''ldapuser2''') on your machine, and set their passwords.<br /><br />
Importing those users into your ldap database will take several steps:<br />
<ul><br />
<li>Extract the passwd entries of ldapuser1 and ldapuser2 from /etc/passwd to a file called<br />
"ldapusers.entry"<br />
<source><br />
grep -w ldapuser1 /etc/passwd > /root/ldapusers.entry<br />
grep -w ldapuser2 /etc/passwd >> /root/ldapusers.entry<br />
</source></li><br />
<li>Use the migrate_passwd.pl file to convert the user information you extracted earlier into an ldif file:<br />
<source>/usr/share/migrationtools/migrate_passwd.pl /root/ldapusers.entry /root/ldapusers.ldif</source><br />
This should generate an ldif file similar to the following:<br />
<source><br />
dn: uid=ldapuser1,ou=People,dc=ops535,dc=com<br />
uid: ldapuser1<br />
cn: ldapuser1<br />
sn: ldapuser1<br />
mail: ldapuser1@ops535.com<br />
objectClass: person<br />
objectClass: organizationalPerson<br />
objectClass: inetOrgPerson<br />
objectClass: posixAccount<br />
objectClass: top<br />
objectClass: shadowAccount<br />
userPassword: {crypt}$6$PBqQXRo/ugCCjBe0.ZgvmJl8U2tVjpdR8X9bh4OZ1cl3mv4xf0Hv1HSDavkxusO8R3lIuuJ7skrfqpTQpbZ6hbd3e3BGB.<br />
shadowLastChange: 17120<br />
shadowMin: 0<br />
shadowMax: 99999<br />
shadowWarning: 7<br />
loginShell: /bin/bash<br />
uidNumber: 5001<br />
gidNumber: 5001<br />
homeDirectory: /home/ldapuser1<br />
<br />
dn: uid=ldapuser2,ou=People,dc=ops535,dc=com<br />
uid: ldapuser2<br />
cn: ldapuser2<br />
sn: ldapuser2<br />
mail: ldapuser2@ops535.com<br />
objectClass: person<br />
objectClass: organizationalPerson<br />
objectClass: inetOrgPerson<br />
objectClass: posixAccount<br />
objectClass: top<br />
objectClass: shadowAccount<br />
userPassword: {crypt}$6$VNkVk1TQ$Rgz4GnQlqPBcHhIinUqxFGnqHZmnHHrFyCQ1ZsekoRjHnaKvb84YtjfFRPL/xcbryrQRL5eNZeP01A3AdC2lv1<br />
shadowLastChange: 17120<br />
shadowMin: 0<br />
shadowMax: 99999<br />
shadowWarning: 7<br />
loginShell: /bin/bash<br />
uidNumber: 5002<br />
gidNumber: 5002<br />
homeDirectory: /home/ldapuser2<br />
</source></li><br />
</ul><br />
</li><br />
<li>Use ldapadd to enter this new information into the database. As before use simple authentication, the distinguished name of the ldap administrator, and get prompted for a password.</li><br />
<li>Use ldapsearch to confirm that the new users have been added to the database.<br /><br />
You should get output similar to the following:<br />
<source><br />
# extended LDIF<br />
#<br />
# LDAPv3<br />
# base <dc=ops535,dc=com> with scope subtree<br />
# filter: (objectClass=*)<br />
# requesting: ALL<br />
#<br />
<br />
# ops535.com<br />
dn: dc=ops535,dc=com<br />
objectClass: top<br />
objectClass: dcObject<br />
objectClass: organization<br />
o: ops535 com<br />
dc: ops535<br />
<br />
# Manager, ops535.com<br />
dn: cn=Manager,dc=ops535,dc=com<br />
objectClass: organizationalRole<br />
cn: Manager<br />
description: Directory Manager<br />
<br />
# People, ops535.com<br />
dn: ou=People,dc=ops535,dc=com<br />
objectClass: organizationalUnit<br />
ou: People<br />
<br />
# ldapuser1, People, ops535.com<br />
dn: uid=ldapuser1,ou=People,dc=ops535,dc=com<br />
uid: ldapuser1<br />
cn: ldapuser1<br />
sn: ldapuser1<br />
mail: ldapuser1@ops535.com<br />
objectClass: person<br />
objectClass: organizationalPerson<br />
objectClass: inetOrgPerson<br />
objectClass: posixAccount<br />
objectClass: top<br />
objectClass: shadowAccount<br />
userPassword:: e2NyeXB0fSQ2JFBCcVFYUm8vJHVnQ0NqQmUwLlpndm1KbDhVMnRWanBkUjhYOWJ<br />
oNE9aMWNsM212NHhmMEh2MUhTRGF2a3h1c084UjNsSXV1Sjdza3JmcXBUUXBiWjZoYmQzZTNCR0Iu<br />
shadowLastChange: 17120<br />
shadowMin: 0<br />
shadowMax: 99999<br />
shadowWarning: 7<br />
loginShell: /bin/bash<br />
uidNumber: 5001<br />
gidNumber: 5001<br />
homeDirectory: /home/ldapuser1<br />
<br />
# ldapuser2, People, ops535.com<br />
dn: uid=ldapuser2,ou=People,dc=ops535,dc=com<br />
uid: ldapuser2<br />
cn: ldapuser2<br />
sn: ldapuser2<br />
mail: ldapuser2@ops535.com<br />
objectClass: person<br />
objectClass: organizationalPerson<br />
objectClass: inetOrgPerson<br />
objectClass: posixAccount<br />
objectClass: top<br />
objectClass: shadowAccount<br />
userPassword:: e2NyeXB0fSQ2JFZOa1ZrMVRRJFJnejRHblFscVBCY0hoSWluVXF4RkducUhabW5<br />
ISHJGeUNRMVpzZWtvUmpIbmFLdmI4NFl0amZGUlBML3hjYnJ5clFSTDVlTlplUDAxQTNBZEMybHYx<br />
shadowLastChange: 17120<br />
shadowMin: 0<br />
shadowMax: 99999<br />
shadowWarning: 7<br />
loginShell: /bin/bash<br />
uidNumber: 5002<br />
gidNumber: 5002<br />
homeDirectory: /home/ldapuser2<br />
<br />
# search result<br />
search: 2<br />
result: 0 Success<br />
<br />
# numResponses: 10<br />
# numEntries: 5<br />
</source></li><br />
<li>Create an ldif file called group.ldif that will add an organizational unit with the distinguished name '''ou=Group, dc=ops535, dc=com'''.<br />
It will act as an organizer for group information.</li><br />
<li>Use the /etc/group file and migrate_group.pl to create an ldif file that will add the group entries for ldapuser1 and ldapuser2 to your database.</li><br />
<li>Add the group entries for ldapuser1 and ldapuser2 to your database.<br />
Use ldapsearch to confirm that they have been added.</li><br />
<li>Modify your firewall to allow incoming ldap traffic from your internal zone. Make sure that this change persists past reboot.</li><br />
</ol><br />
<br />
==Investigation 2: Modifying OpenLDAP Server Configuration to use TLS==<br />
{{Admon/important|Warning|This is a good time to make another backup of VM1.}}<br />
In this investigation we will modify the OpenLDAP server we just created to use TLS to encrypt the data it provides. You should notice that many of these steps are similar to the process of modifying postfix and apache servers to use TLS. Perform these steps on vm1.<br />
<ol><br />
<li>Install the openssl package</li><br />
<li>Run the following commands to create a self-signed TLS certificate for your server (make sure you replace the values with ones from your machine):<br />
{{Admon/important|Warning|As you run these commands, read the output carefully. If you encounter any errors you must resolve them before continuing to the next command.}}<br />
<source><br />
openssl genrsa -des3 -out ca.key 4096<br />
openssl req -new -x509 -days 365 -key ca.key -out ca.cert.pem<br />
openssl genrsa -out vm1.pcallagh.ops.key 4096<br />
openssl req -new -key vm1.pcallagh.ops.key -out vm1.pcallagh.ops.csr<br />
openssl x509 -req -in vm1.pcallagh.ops.csr -CA ca.cert.pem -CAkey ca.key -out vm1.pcallagh.ops.crt -CAcreateserial -days 365 -sha256<br />
</source></li><br />
<li>Copy the certificate, the private key, and the certificate authority file to an appropriate directory (make sure the directory and the files in it are owned by the ldap account and that the directory has permissions set to 0700 and the files have 0600):<br />
<source>cp vm1.pcallagh.ops.crt vm1.pcallagh.ops.key ca.cert.pem /etc/openldap/certs/</source></li><br />
<li>Write an ldif file and add the following values to '''dn: cn=config''' (again making sure to put in values from your own machine):<br />
<source><br />
olcTLSCertificateFile: /etc/openldap/certs/vm1.pcallagh.ops.crt<br />
olcTLSCertificateKeyFile: /etc/openldap/certs/vm1.pcallagh.ops.key<br />
olcTLSCACertificateFile: /etc/openldap/certs/ca.cert.pem<br />
</source><br />
{{Admon/important|Warning|Read the output of the ldapmodify command carefully. If you encounter any errors you must resolve them before continuing to the next command.}}</li><br />
<li>You can use slapcat to ensure they are set correctly:<br />
<source>slapcat -b "cn=config" | egrep "Certificate(Key)?File"</source></li><br />
<li>Update /etc/openldap/ldap.conf to locate your CACERT, and to indicate that ldaps is now allowed:<br />
<ul><li>Set the URI parameter to ldaps://vm1.<yourdomain>.ops. It is suggested you also include ldapi:/// so local connections are allowed.</li><br />
<li>Set TLSCACERT to the absolute path of your certificate authority file (e.g. /etc/openldap/certs/ca.cert.pem).</li><br />
<li>Set TLSCACERTDIR to the directory your certificate authority file is in (e.g. /etc/openldap/certs).</li></ul></li><br />
<li>Update your firewall to permanently allow ldaps instead of ldap.</li><br />
<li>Double check that you can still use ldapsearch before continuing to the next investigation.</li><br />
</ol><br />
<br />
==Investigation 3: Setup and Configure OpenLdap Client Through SSSD ==<br />
Perform the following steps on vm2:<br />
<ol><br />
<li>Install yum-utils</li><br />
<li>Install the symas ldap repo</li><br />
<li>Install the following packages<br />
*symas-openldap-clients<br />
*sssd<br />
*sssd-ldap<br />
*sssd-tools<br />
*openssl-perl<br />
</li><br />
<li>If you would like to actually log into the client machines as an ldap user, you need to reconfigure the way the system authentication processes your login. To do this, you will use the authselect tool on the client machine.<br /><br />
Note: the ldap user does not have home directory on the client unless you provide it via NFS.</li><br />
<li>Copy the server's signed certificate onto the client:<br />
*openssl s_client -connect <hostname or ip address of your ldap server>:636 -showcerts < /dev/null | openssl x509 -text > /etc/openldap/certs/cacert.crt</li><br />
<li>Set up the SSSD service to use ldap for authentication.<br />
<ul><li>Start by adding the following settings to /etc/sssd/sssd.conf<br /><br />
Note that you may have to create /etc/sssd/sssd.conf yourself. Make sure the file is owned by root:root and that the permissions are 0600.<br />
<source><br />
[sssd]<br />
services = nss, pam<br />
config_file_version = 2<br />
domains = default<br />
<br />
[sudo]<br />
<br />
[nss]<br />
homedir_substring = /home<br />
<br />
[pam]<br />
offline_credentials_expiration = 60<br />
<br />
[domain/default]<br />
ldap_id_use_start_tls = True<br />
cache_credentials = True<br />
ldap_search_base = <The Base DN from your ldap server><br />
id_provider = ldap<br />
auth_provider = ldap<br />
chpass_provider = ldap<br />
access_provider = ldap<br />
ldap_uri = ldaps://<HOSTNAME or IP ADDRESS of your ldap server><br />
ldap_chpass_uri = ldaps://<HOSTNAME or IP ADDRESS of your ldap server><br />
ldap_tls_reqcert = allow<br />
ldap_tls_cacert = <The absolute path of the certificate you copied over from the server><br />
ldap_tls_cacertdir = <The absolute path to the directory the server's certificate is in><br />
ldap_search_timeout = 50<br />
ldap_network_timeout = 60<br />
ldap_access_order = filter<br />
ldap_access_filter = (objectClass=posixAccount)<br />
</source></li><br />
<li>Now direct sssd to use those changes by running 'authselect select sssd --force'. You need the --force option so that it can make changes to several files.</li><br />
<li>Test your configuration with 'sssctl config-check' and fix any errors it identifies</li><br />
<li>Once your configuration passes the sssctl check, start and enable sssd.</li><br />
</ul></li><br />
<li>Test that your machine is connected to the ldap server by searching for the ldapuser1 account:<br />
<source>id ldapuser1</source><br />
You should get something similar to the following (but may not be exactly the same):<br />
<source>uid=1002(ldapuser1) gid=1002(ldapuser1) groups=1002(ldapuser1)</source><br />
</li><br />
<li>If you want to be able to use commands like ldapsearch from this machine, you will also need to configure ldap in /etc/openldap/ldap.conf. This configuration file should already exist; you just need to modify the parameters to identify the LDAP server and the location of its certificate.<br />
<ul><br />
<li>BASE <base DC from your ldap server></li><br />
<li>URI ldaps://<hostname or ip address of your ldap server></li><br />
<li>TLS_CACERT <the absolute path of the certificate you downloaded from the server earlier.></li><br />
<li>TLS_CACERTDIR <the directory you saved the certificate in></li><br />
</ul></li><br />
<br />
<li>Test your OpenLDAP client with the ldapsearch command.<br />
<source>ldapsearch -x 'uid=ldapuser1'</source><br />
You should get results similar to the following:<br />
<source><br />
# extended LDIF<br />
#<br />
# LDAPv3<br />
# base <dc=ops535,dc=com> (default) with scope subtree<br />
# filter: uid=ldapuser1<br />
# requesting: ALL<br />
#<br />
<br />
# ldapuser1, People, ops535.com<br />
dn: uid=ldapuser1,ou=People,dc=ops535,dc=com<br />
uid: ldapuser1<br />
cn: ldapuser1<br />
sn: ldapuser1<br />
mail: ldapuser1@ops535.com<br />
objectClass: person<br />
objectClass: organizationalPerson<br />
objectClass: inetOrgPerson<br />
objectClass: posixAccount<br />
objectClass: top<br />
objectClass: shadowAccount<br />
userPassword:: e2NyeXB0fSQ2JFBCcVFYUm8vJHVnQ0NqQmUwLlpndm1KbDhVMnRWanBkUjhYOWJ<br />
oNE9aMWNsM212NHhmMEh2MUhTRGF2a3h1c084UjNsSXV1Sjdza3JmcXBUUXBiWjZoYmQzZTNCR0Iu<br />
shadowLastChange: 17120<br />
shadowMin: 0<br />
shadowMax: 99999<br />
shadowWarning: 7<br />
loginShell: /bin/bash<br />
uidNumber: 5001<br />
gidNumber: 5001<br />
homeDirectory: /home/ldapuser1<br />
# search result<br />
search: 2<br />
result: 0 Success<br />
# numResponses: 2<br />
# numEntries: 1<br />
</source></li><br />
<li>Logout of the client machine, then log back in using the ldapuser1 account.</li><br />
<li>Repeat steps 1 through 7 on vm3.</li><br />
</ol><br />
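The TLS settings in the sssd.conf from this investigation can be checked before sssd is started. The script below is an added example, not part of the original lab: it flags LDAP-backed [domain/...] sections whose ldap_tls_reqcert is anything other than demand or hard (the sample's allow lets the session proceed even when the server presents a bad certificate), flags ldap:// URIs used without ldap_id_use_start_tls, and checks the 0600 mode the lab requires. The function names and the host vm1.example.ops are made up for the example, and the defaults it assumes (hard, false) are the ones documented in sssd-ldap(5).

```shell
#!/bin/sh
# Added example: audit the TLS settings of an sssd.conf like the one in this lab.

# audit_sssd_tls FILE
# Prints one finding per line; returns 0 when clean, 1 when anything is flagged.
audit_sssd_tls() {
    awk '
    function trim(s) { sub(/^[ \t]+/, "", s); sub(/[ \t]+$/, "", s); return s }
    function flag(msg) { print sect ": " msg; bad = 1 }
    # Reset per-section state to the defaults documented in sssd-ldap(5).
    function clear_state() {
        reqcert = "hard"; starttls = "false"; uris = ""; idp = ""; authp = ""
    }
    # Judge the section that just ended; only LDAP-backed domains are checked.
    function finish(    n, i, list) {
        if (sect ~ /^domain\// && (idp == "ldap" || authp == "ldap")) {
            if (reqcert != "demand" && reqcert != "hard")
                flag("ldap_tls_reqcert = " reqcert " does not require a valid server certificate")
            n = split(uris, list, /[ \t,]+/)
            for (i = 1; i <= n; i++)
                if (tolower(list[i]) ~ /^ldap:\/\// && starttls != "true")
                    flag(list[i] " is cleartext: use ldaps:// or ldap_id_use_start_tls = True")
        }
        clear_state()
    }
    BEGIN { sect = ""; clear_state() }
    { line = trim($0) }
    line == "" || line ~ /^[#;]/ { next }
    substr(line, 1, 1) == "[" {
        finish()
        sect = substr(line, 2, index(line, "]") - 2)
        next
    }
    {
        eq = index(line, "=")
        if (eq == 0) next
        key = tolower(trim(substr(line, 1, eq - 1)))
        val = trim(substr(line, eq + 1))
        if (key == "ldap_tls_reqcert")           reqcert = tolower(val)
        else if (key == "ldap_id_use_start_tls") starttls = tolower(val)
        else if (key == "id_provider")           idp = tolower(val)
        else if (key == "auth_provider")         authp = tolower(val)
        else if (key == "ldap_uri" || key == "ldap_chpass_uri") uris = uris " " val
    }
    END { finish(); exit (bad ? 1 : 0) }
    ' "$1"
}

# sssd_conf_mode_ok FILE
# True only for mode 0600 with no ACL. The lab also requires root:root
# ownership, which is left to a manual "ls -l" check here.
sssd_conf_mode_ok() {
    case "$(ls -ld -- "$1" | awk '{ print $1 }')" in
        -rw-------|-rw-------.) return 0 ;;
        *) return 1 ;;
    esac
}

# Constructed sample mirroring the lab's settings (the host name is a placeholder).
demo_lab_config() {
    conf=$(mktemp) || return 2
    cat > "$conf" <<'EOF'
[sssd]
services = nss, pam
domains = default

[domain/default]
id_provider = ldap
auth_provider = ldap
ldap_id_use_start_tls = True
ldap_uri = ldaps://vm1.example.ops
ldap_chpass_uri = ldaps://vm1.example.ops
ldap_tls_reqcert = allow
ldap_tls_cacert = /etc/openldap/certs/cacert.crt
EOF
    chmod 600 "$conf"
    rc=0
    audit_sssd_tls "$conf" || rc=1
    sssd_conf_mode_ok "$conf" || { echo "$conf: mode is not 0600"; rc=1; }
    rm -f "$conf"
    return "$rc"
}

demo_lab_config || echo "sssd.conf needs attention before sssd is started"
```

With ldap_tls_reqcert set to demand, the client must be able to validate the server certificate, so the CA certificate that signed it (ca.cert.pem in Investigation 2) has to be present on the client.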
<br />
==Investigation 4: Update LDAP Configuration==<br />
<ol><li>Add the following user accounts to your LDAP server:<br/><br />
user name: your seneca id – password: pick your own<br/><br />
rchan – password: ops535<br/><br />
seneca – password: ops535</li><br />
<li>Run the ldapsearch command for each user, and confirm that their information is correct</li><br />
<li>Consult the man page on ldappasswd to find out how to change an LDAP user's password.<br />
Change seneca's password to seneca.</li><br />
<li>Consult the man page on ldapdelete to find out how to remove an LDAP user. Delete ldapuser2.</li><br />
</ol><br />
<br />
==Completing the Lab==<br />
You should now have a server providing centralized management of your user information. A service like this will make it much easier to manage and maintain users in your network. When combined with a service like NFS, this centralizes user management and makes it much easier to scale your network up.<br />
<br />
Follow the instructions on blackboard to submit the lab.<br />
<br />
==Exploration Questions==<br />
# What changes would you make in NFS to provide remote access to home directories?</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=Ops535_online_a1&diff=155085Ops535 online a12021-06-12T03:17:04Z<p>Rchan: /* DNS servers */</p>
<hr />
<div>[[Category:OPS535]][[Category:rchan]]<br />
=Due Date=<br />
'''Tuesday, June 22, 2021'''<br />
* 15% of your final grade.<br />
<br />
= Required VMs =<br />
The four VMs assigned to you in the OPS535 Virtual Lab. Please ask your professor for information on how to access those VMs. The following is a general description of those four VMs:<br />
* VM1 - has three virtual network interfaces connected to three different virtual networks, they are <br />
** ens192, with IP address assigned by the lab DHCP server (172.20.v.1) for connecting to the lab's public network and the Internet. DO NOT change the network configuration on this network interface.<br />
** ens224, for connecting to the other three VMs in a private network. You will assign a private address 192.168.v.1 for this network interface.<br />
** ens256, do not use for this assignment.<br />
* VM2, VM3, and VM4 - each has two virtual network interfaces connected to two different virtual networks, they are<br />
** ens192, with IP address assigned by the lab DHCP server (172.20.v.2, 172.20.v.3, 172.20.v.4) for connecting to the lab's public network and the Internet.<br />
** ens224, connect to the other three VMs. You will assign 192.168.v.2-4 to VM2, VM3, and VM4.<br />
<br />
= Hostname and Private IP addresses for the ens224 NIC =<br />
* VM1 - 192.168.v.1, router.<yourdomain>.ops<br />
* VM2 - 192.168.v.2, pri-dns.<yourdomain>.ops<br />
* VM3 - 192.168.v.3, co-nfs.<yourdomain>.ops<br />
* VM4 - 192.168.v.4, rns-ldap.<yourdomain>.ops<br />
<br />
<br />
Please note that the value of "v" given above may not have the same value as your assigned network number on Blackboard. Please replace "v" by the value of the third octet of the IP address assigned to your ens192 network interface by the lab's DHCP server.<br />
<br />
= Required Services and roles on each VM =<br />
== DNS servers ==<br />
You need three DNS servers for this assignment: <br />
:* Primary DNS server: running on VM2, pri-dns.<yourdomain>.ops, which is authoritative for your domain. It will be non-recursive, and must allow anyone to request answers to DNS queries of your domain.<br />
:* Caching-only DNS server: running on VM3, co-nfs.<yourdomain>.ops, which allows DNS queries only from network devices in your own private network. It will perform recursive DNS queries to the appropriate DNS servers or on its cache for answers.<br />
:* Root Name server: running on VM4, rns-ldap.<yourdomain>.ops, which is authoritative for the root zone only. It will answer queries from anyone to request DNS queries for the entire DNS namespace. You need to <b>collaborate</b> with other root name server players in the virtual lab environment. You should [[Domainreg| register and/or check your network and domain information here]]<br />
<br />
== NFS Server - on VM co-nfs ==<br />
:* This VM will centrally host all of your <b>new network users’</b> home directories, allowing remote access through NFS version 4.<br />
:* Use the appropriate export option(s) (pay particular attention to root_squash and no_root_squash) when exporting network users' home directories.<br />
:* Superuser on the other VMs should not have root privilege on the exported directory, with the exception of the VM that is running the LDAP server.<br />
:* VMs outside your private network must not be able to contact this service. Every VM in your network (including those that have not yet been created) must have access to this service. <br />
:* Network users should not have read or write access to other network users' home directories.<br />
<br />
==LDAP Server - on VM rns-ldap==<br />
:* LDAP Base Name – <yourdomain>.ops, where <yourdomain> is your assigned domain.<br />
:* This VM will act as an LDAPs server and provide user and group information to your other VMs.<br />
:* Other students' VMs in the virtual lab must not be able to contact this service.<br />
<br />
==Network, firewall, and SELinux==<br />
:* All your VMs must be accessible to each other via the private network.<br />
:* Do not allow DNS queries from any VMs in your network to any DNS servers in the lab except your caching-only DNS server.<br />
:* SELinux must be turned on and run in enforcing mode on all of your VMs. You may need to configure the SELinux booleans accordingly.<br />
:* Your VM1 must use iptables.service and VM2 to VM4 must use firewalld.service as their firewall. For firewalld.service, the ens192 interface should be set up in the 'public' zone and the ens224 interface should be set up in the ‘work’ zone. In addition to ssh traffic, your firewalls should only allow the traffic necessary to fulfil the roles described above.<br />
<br />
==Method of implementation==<br />
* Do not configure the required services manually from the CLI. All configuration must be done using one of the following automation frameworks:<br />
** customized bash script with ssh, or<br />
** fabric tasks, or<br />
** ansible playbook.<br />
<br />
= Changes Log =<br />
Due to the dynamic and volatile nature of the IT industry, this assignment specification may change on a daily basis to reflect the changing environment. All changes and modifications to the assignment requirements will be posted here. This requirements document will be frozen at least three days before the due date.<br />
* Released on June 4, 2021.<br />
<br />
=Grading=<br />
Shortly before the due date I will post a rubric on Blackboard. On the due date I will <br />
:* provide a script that will gather information from your VMs and create a tar file from it. You will upload that tar file to Blackboard with your automation scripts/files.<br />
:* run a test script from any machine in the virtual lab to scan and test all the required services you should provide. <br />
:* perform a disaster recovery test: one of your VMs will be reset to its baseline condition/configuration and you will have 30 minutes to apply your automation script(s) to bring it back to the level this assignment requires.<br />
<br />
=Questions=<br />
If you have any questions about this assignment, please talk to your professor before the due date.</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=Ops535_online_a1&diff=155084Ops535 online a12021-06-12T03:16:44Z<p>Rchan: /* DNS servers */</p>
<hr />
<div>[[Category:OPS535]][[Category:rchan]]<br />
=Due Date=<br />
'''Tuesday, June 22, 2021'''<br />
* 15% of your final grade.<br />
<br />
= Required VMs =<br />
Use the four VMs assigned to you in the OPS535 Virtual Lab. Please ask your professor for information on how to access those VMs. The following is a general description of those four VMs:<br />
* VM1 - has three virtual network interfaces connected to three different virtual networks, they are <br />
** ens192, with IP address assigned by the lab DHCP server (172.20.v.1) for connecting to the lab's public network and the Internet. DO NOT change the network configuration on this network interface.<br />
** ens224, for connecting to the other three VMs in a private network. You will assign a private address 192.168.v.1 for this network interface.<br />
** ens256, do not use for this assignment.<br />
* VM2, VM3, and VM4 - each has two virtual network interfaces connected to two different virtual networks, they are<br />
** ens192, with IP address assigned by the lab DHCP server (172.20.v.2, 172.20.v.3, 172.20.v.4) for connecting to the lab's public network and the Internet.<br />
** ens224, connect to the other three VMs. You will assign 192.168.v.2-4 to VM2, VM3, and VM4.<br />
<br />
= Hostname and Private IP addresses for the ens224 NIC =<br />
* VM1 - 192.168.v.1, router.<yourdomain>.ops<br />
* VM2 - 192.168.v.2, pri-dns.<yourdomain>.ops<br />
* VM3 - 192.168.v.3, co-nfs.<yourdomain>.ops<br />
* VM4 - 192.168.v.4, rns-ldap.<yourdomain>.ops<br />
<br />
<br />
Please note that the value of "v" given above may not be the same as your assigned network number on Blackboard. Replace "v" with the value of the third octet of the IP address assigned to your ens192 network interface by the lab's DHCP server.<br />
<br />
= Required Services and roles on each VM =<br />
== DNS servers ==<br />
You need three DNS servers for this assignment: <br />
:* Primary DNS server: running on VM2, pri-dns.<yourdomain>.ops, which is authoritative for your domain. It will be non-recursive, and must allow anyone to request answers to DNS queries of your domain.<br />
:* Caching-only DNS server: running on VM3, co-nfs.<yourdomain>.ops, which allows DNS queries only from network devices in your own private network. It will answer from its cache or perform recursive DNS queries to the appropriate DNS servers.<br />
:* Root Name server: running on VM4, rns-ldap.<yourdomain>.ops, which is authoritative for the root zone only. It will answer queries from anyone for names anywhere in the DNS namespace. You need to <b>collaborate</b> with the other root name server operators in the virtual lab environment. You should [[Domainrge| register and/or check your network and domain information here]]<br />
<br />
== NFS Server - on VM co-nfs ==<br />
:* This VM will centrally host all of your <b>new network users’</b> home directories, allowing remote access through NFS version 4.<br />
:* Use the appropriate export option(s) (pay particular attention to root_squash and no_root_squash) when exporting network users' home directories.<br />
:* Superuser on the other VMs should not have root privilege on the exported directory, with the exception of the VM that is running the LDAP server.<br />
:* VMs outside your private network must not be able to contact this service. Every VM in your network (including those that have not yet been created) must have access to this service. <br />
:* Network users should not have read or write access to other network users' home directories.<br />
<br />
==LDAP Server - on VM rns-ldap==<br />
:* LDAP Base Name – <yourdomain>.ops, where <yourdomain> is your assigned domain.<br />
:* This VM will act as an LDAPS server and provide user and group information to your other VMs.<br />
:* Other students' VMs in the virtual lab must not be able to contact this service.<br />
<br />
==Network, firewall, and SELinux==<br />
:* All your VMs must be accessible to each other via the private network.<br />
:* Do not allow DNS queries from any VMs in your network to any DNS servers in the lab except your caching-only DNS server.<br />
:* SELinux must be turned on and run in enforcing mode on all of your VMs. You may need to configure the SELinux booleans accordingly.<br />
:* Your VM1 must use iptables.service and VM2 to VM4 must use firewalld.service as their firewall. For firewalld.service, the ens192 interface should be set up in the 'public' zone and the ens224 interface should be set up in the ‘work’ zone. In addition to ssh traffic, your firewalls should only allow the traffic necessary to fulfil the roles described above.<br />
<br />
==Method of implementation==<br />
* Do not configure the required services manually from the CLI. All configuration must be done using one of the following automation frameworks:<br />
** customized bash script with ssh, or<br />
** fabric tasks, or<br />
** ansible playbook.<br />
<br />
= Changes Log =<br />
Due to the dynamic and volatile nature of the IT industry, this assignment specification may change on a daily basis to reflect the changing environment. All changes and modifications to the assignment requirements will be posted here. This requirements document will be frozen at least three days before the due date.<br />
* Released on June 4, 2021.<br />
<br />
=Grading=<br />
Shortly before the due date I will post a rubric on Blackboard. On the due date I will <br />
:* provide a script that will gather information from your VMs and create a tar file from it. You will upload that tar file to Blackboard with your automation scripts/files.<br />
:* run a test script from any machine in the virtual lab to scan and test all the required services you should provide. <br />
:* perform a disaster recovery test: one of your VMs will be reset to its baseline condition/configuration and you will have 30 minutes to apply your automation script(s) to bring it back to the level this assignment requires.<br />
<br />
=Questions=<br />
If you have any questions about this assignment, please talk to your professor before the due date.</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=Ops535_online_a1&diff=155083Ops535 online a12021-06-12T03:16:05Z<p>Rchan: /* DNS servers */</p>
<hr />
<div>[[Category:OPS535]][[Category:rchan]]<br />
=Due Date=<br />
'''Tuesday, June 22, 2021'''<br />
* 15% of your final grade.<br />
<br />
= Required VMs =<br />
Use the four VMs assigned to you in the OPS535 Virtual Lab. Please ask your professor for information on how to access those VMs. The following is a general description of those four VMs:<br />
* VM1 - has three virtual network interfaces connected to three different virtual networks, they are <br />
** ens192, with IP address assigned by the lab DHCP server (172.20.v.1) for connecting to the lab's public network and the Internet. DO NOT change the network configuration on this network interface.<br />
** ens224, for connecting to the other three VMs in a private network. You will assign a private address 192.168.v.1 for this network interface.<br />
** ens256, do not use for this assignment.<br />
* VM2, VM3, and VM4 - each has two virtual network interfaces connected to two different virtual networks, they are<br />
** ens192, with IP address assigned by the lab DHCP server (172.20.v.2, 172.20.v.3, 172.20.v.4) for connecting to the lab's public network and the Internet.<br />
** ens224, connect to the other three VMs. You will assign 192.168.v.2-4 to VM2, VM3, and VM4.<br />
<br />
= Hostname and Private IP addresses for the ens224 NIC =<br />
* VM1 - 192.168.v.1, router.<yourdomain>.ops<br />
* VM2 - 192.168.v.2, pri-dns.<yourdomain>.ops<br />
* VM3 - 192.168.v.3, co-nfs.<yourdomain>.ops<br />
* VM4 - 192.168.v.4, rns-ldap.<yourdomain>.ops<br />
<br />
<br />
Please note that the value of "v" given above may not be the same as your assigned network number on Blackboard. Replace "v" with the value of the third octet of the IP address assigned to your ens192 network interface by the lab's DHCP server.<br />
<br />
= Required Services and roles on each VM =<br />
== DNS servers ==<br />
You need three DNS servers for this assignment: <br />
:* Primary DNS server: running on VM2, pri-dns.<yourdomain>.ops, which is authoritative for your domain. It will be non-recursive, and must allow anyone to request answers to DNS queries of your domain.<br />
:* Caching-only DNS server: running on VM3, co-nfs.<yourdomain>.ops, which allows DNS queries only from network devices in your own private network. It will answer from its cache or perform recursive DNS queries to the appropriate DNS servers.<br />
:* Root Name server: running on VM4, rns-ldap.<yourdomain>.ops, which is authoritative for the root zone only. It will answer queries from anyone for names anywhere in the DNS namespace. You need to <b>collaborate</b> with the other root name server operators in the virtual lab environment. You should register and/or check your network and domain information [[Domainreg | here]]<br />
<br />
== NFS Server - on VM co-nfs ==<br />
:* This VM will centrally host all of your <b>new network users’</b> home directories, allowing remote access through NFS version 4.<br />
:* Use the appropriate export option(s) (pay particular attention to root_squash and no_root_squash) when exporting network users' home directories.<br />
:* Superuser on the other VMs should not have root privilege on the exported directory, with the exception of the VM that is running the LDAP server.<br />
:* VMs outside your private network must not be able to contact this service. Every VM in your network (including those that have not yet been created) must have access to this service. <br />
:* Network users should not have read or write access to other network users' home directories.<br />
<br />
==LDAP Server - on VM rns-ldap==<br />
:* LDAP Base Name – <yourdomain>.ops, where <yourdomain> is your assigned domain.<br />
:* This VM will act as an LDAPS server and provide user and group information to your other VMs.<br />
:* Other students' VMs in the virtual lab must not be able to contact this service.<br />
<br />
==Network, firewall, and SELinux==<br />
:* All your VMs must be accessible to each other via the private network.<br />
:* Do not allow DNS queries from any VMs in your network to any DNS servers in the lab except your caching-only DNS server.<br />
:* SELinux must be turned on and run in enforcing mode on all of your VMs. You may need to configure the SELinux booleans accordingly.<br />
:* Your VM1 must use iptables.service and VM2 to VM4 must use firewalld.service as their firewall. For firewalld.service, the ens192 interface should be set up in the 'public' zone and the ens224 interface should be set up in the ‘work’ zone. In addition to ssh traffic, your firewalls should only allow the traffic necessary to fulfil the roles described above.<br />
<br />
==Method of implementation==<br />
* Do not configure the required services manually from the CLI. All configuration must be done using one of the following automation frameworks:<br />
** customized bash script with ssh, or<br />
** fabric tasks, or<br />
** ansible playbook.<br />
<br />
= Changes Log =<br />
Due to the dynamic and volatile nature of the IT industry, this assignment specification may change on a daily basis to reflect the changing environment. All changes and modifications to the assignment requirements will be posted here. This requirements document will be frozen at least three days before the due date.<br />
* Released on June 4, 2021.<br />
<br />
=Grading=<br />
Shortly before the due date I will post a rubric on Blackboard. On the due date I will <br />
:* provide a script that will gather information from your VMs and create a tar file from it. You will upload that tar file to Blackboard with your automation scripts/files.<br />
:* run a test script from any machine in the virtual lab to scan and test all the required services you should provide. <br />
:* perform a disaster recovery test: one of your VMs will be reset to its baseline condition/configuration and you will have 30 minutes to apply your automation script(s) to bring it back to the level this assignment requires.<br />
<br />
=Questions=<br />
If you have any questions about this assignment, please talk to your professor before the due date.</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=Ops535_online_a1&diff=155082Ops535 online a12021-06-12T03:15:35Z<p>Rchan: /* DNS servers */</p>
<hr />
<div>[[Category:OPS535]][[Category:rchan]]<br />
=Due Date=<br />
'''Tuesday, June 22, 2021'''<br />
* 15% of your final grade.<br />
<br />
= Required VMs =<br />
Use the four VMs assigned to you in the OPS535 Virtual Lab. Please ask your professor for information on how to access those VMs. The following is a general description of those four VMs:<br />
* VM1 - has three virtual network interfaces connected to three different virtual networks, they are <br />
** ens192, with IP address assigned by the lab DHCP server (172.20.v.1) for connecting to the lab's public network and the Internet. DO NOT change the network configuration on this network interface.<br />
** ens224, for connecting to the other three VMs in a private network. You will assign a private address 192.168.v.1 for this network interface.<br />
** ens256, do not use for this assignment.<br />
* VM2, VM3, and VM4 - each has two virtual network interfaces connected to two different virtual networks, they are<br />
** ens192, with IP address assigned by the lab DHCP server (172.20.v.2, 172.20.v.3, 172.20.v.4) for connecting to the lab's public network and the Internet.<br />
** ens224, connect to the other three VMs. You will assign 192.168.v.2-4 to VM2, VM3, and VM4.<br />
<br />
= Hostname and Private IP addresses for the ens224 NIC =<br />
* VM1 - 192.168.v.1, router.<yourdomain>.ops<br />
* VM2 - 192.168.v.2, pri-dns.<yourdomain>.ops<br />
* VM3 - 192.168.v.3, co-nfs.<yourdomain>.ops<br />
* VM4 - 192.168.v.4, rns-ldap.<yourdomain>.ops<br />
<br />
<br />
Please note that the value of "v" given above may not be the same as your assigned network number on Blackboard. Replace "v" with the value of the third octet of the IP address assigned to your ens192 network interface by the lab's DHCP server.<br />
<br />
= Required Services and roles on each VM =<br />
== DNS servers ==<br />
You need three DNS servers for this assignment: <br />
:* Primary DNS server: running on VM2, pri-dns.<yourdomain>.ops, which is authoritative for your domain. It will be non-recursive, and must allow anyone to request answers to DNS queries of your domain.<br />
:* Caching-only DNS server: running on VM3, co-nfs.<yourdomain>.ops, which allows DNS queries only from network devices in your own private network. It will answer from its cache or perform recursive DNS queries to the appropriate DNS servers.<br />
:* Root Name server: running on VM4, rns-ldap.<yourdomain>.ops, which is authoritative for the root zone only. It will answer queries from anyone for names anywhere in the DNS namespace. You need to <b>collaborate</b> with the other root name server operators in the virtual lab environment. You should register your network and domain information [[Domainreg | here]]<br />
<br />
== NFS Server - on VM co-nfs ==<br />
:* This VM will centrally host all of your <b>new network users’</b> home directories, allowing remote access through NFS version 4.<br />
:* Use the appropriate export option(s) (pay particular attention to root_squash and no_root_squash) when exporting network users' home directories.<br />
:* Superuser on the other VMs should not have root privilege on the exported directory, with the exception of the VM that is running the LDAP server.<br />
:* VMs outside your private network must not be able to contact this service. Every VM in your network (including those that have not yet been created) must have access to this service. <br />
:* Network users should not have read or write access to other network users' home directories.<br />
<br />
==LDAP Server - on VM rns-ldap==<br />
:* LDAP Base Name – <yourdomain>.ops, where <yourdomain> is your assigned domain.<br />
:* This VM will act as an LDAPS server and provide user and group information to your other VMs.<br />
:* Other students' VMs in the virtual lab must not be able to contact this service.<br />
<br />
==Network, firewall, and SELinux==<br />
:* All your VMs must be accessible to each other via the private network.<br />
:* Do not allow DNS queries from any VMs in your network to any DNS servers in the lab except your caching-only DNS server.<br />
:* SELinux must be turned on and run in enforcing mode on all of your VMs. You may need to configure the SELinux booleans accordingly.<br />
:* Your VM1 must use iptables.service and VM2 to VM4 must use firewalld.service as their firewall. For firewalld.service, the ens192 interface should be set up in the 'public' zone and the ens224 interface should be set up in the ‘work’ zone. In addition to ssh traffic, your firewalls should only allow the traffic necessary to fulfil the roles described above.<br />
<br />
==Method of implementation==<br />
* Do not configure the required services manually from the CLI. All configuration must be done using one of the following automation frameworks:<br />
** customized bash script with ssh, or<br />
** fabric tasks, or<br />
** ansible playbook.<br />
<br />
= Changes Log =<br />
Due to the dynamic and volatile nature of the IT industry, this assignment specification may change on a daily basis to reflect the changing environment. All changes and modifications to the assignment requirements will be posted here. This requirements document will be frozen at least three days before the due date.<br />
* Released on June 4, 2021.<br />
<br />
=Grading=<br />
Shortly before the due date I will post a rubric on Blackboard. On the due date I will <br />
:* provide a script that will gather information from your VMs and create a tar file from it. You will upload that tar file to Blackboard with your automation scripts/files.<br />
:* run a test script from any machine in the virtual lab to scan and test all the required services you should provide. <br />
:* perform a disaster recovery test: one of your VMs will be reset to its baseline condition/configuration and you will have 30 minutes to apply your automation script(s) to bring it back to the level this assignment requires.<br />
<br />
=Questions=<br />
If you have any questions about this assignment, please talk to your professor before the due date.</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=Domainreg&diff=155080Domainreg2021-06-11T18:32:11Z<p>Rchan: </p>
<hr />
<div>Script for generating the root zone file from this wiki page: [[Get-root-zone]]<br />
<br />
Remember to add your nameserver's hostname as well as the IP (ex: ns1.mydomain.com or nameserver.mydomain.com)<br />
<br />
{|class="wikitable sortable" border="2" width="80%"<br />
<br />
!Name<br />
! Domain Name<br />
! Network<br />
! Name Server IP<br />
! Name Server Host<br />
! Root Nameserver<br />
<br />
|-<br />
|[[User:rchan|Chan, Raymond]]<br />
|rchan.ops<br />
|172.20.0.0<br />
|172.20.0.1<br />
|pri-dns.rchan.ops<br />
|<br />
<br />
|-<br />
|[[User:makash|Akash,Md]]<br />
|myuakash.ops<br />
|192.168.1.0<br />
|192.168.1.2<br />
|pri-dns.myuakash.ops<br />
|rns-ldap.myuakash.ops<br />
<br />
|-<br />
|[[User:bakbar|Akbar,Bilal]]<br />
|bakbar1.ops<br />
|192.168.2.0<br />
|192.168.2.2<br />
|pri-dns.bakbar1.ops<br />
|rns-ldap.bakbar1.ops<br />
<br />
|-<br />
|[[User:raxat|Axat,Rashmikant]]<br />
|saxat-rashmikant.ops<br />
|192.168.3.0<br />
|192.168.3.2<br />
|pri-dns.saxat-rashmikant.ops<br />
|rns-ldap.saxat-rashmikant.ops<br />
<br />
|-<br />
|[[User:nbehal|Behal,Nischay]]<br />
|nbehal3.ops<br />
|192.168.4.0<br />
|192.168.4.2<br />
|pri-dns.nbehal3.ops<br />
|rns-ldap.nbehal3.ops<br />
<br />
|-<br />
|[[User:vbhatt|Bhatt,Vansh]]<br />
|vmbhatt2.ops<br />
|192.168.5.0<br />
|192.168.5.2<br />
|pri-dns.vmbhatt2.ops<br />
|rns-ldap.vmbhatt2.ops<br />
<br />
|-<br />
|[[User:rcapua|Capua,Russell]]<br />
|rcapua2.ops<br />
|192.168.6.0<br />
|192.168.6.2<br />
|pri-dns.rcapua2.ops<br />
|rns-ldap.rcapua2.ops<br />
<br />
|-<br />
|[[User:fdauti|Dauti,Fatjon]]<br />
|fdauti.ops<br />
|192.168.7.0<br />
|192.168.7.2<br />
|pri-dns.fdauti.ops<br />
|rns-ldap.fdauti.ops<br />
<br />
|-<br />
|[[User:rdu|Du,Ray]]<br />
|rdu6.ops<br />
|192.168.8.0<br />
|192.168.8.2<br />
|pri-dns.rdu6.ops<br />
|rns-ldap.rdu6.ops<br />
<br />
|-<br />
|[[User:kengineer|Engineer,Karn]]<br />
|knengineer.ops<br />
|192.168.9.0<br />
|192.168.9.2<br />
|pri-dns.knengineer.ops<br />
|rns-ldap.knengineer.ops<br />
<br />
|-<br />
|[[User:fganiyu|Ganiyu,Feyisetan]]<br />
|faganiyu.ops<br />
|192.168.10.0<br />
|192.168.10.2<br />
|pri-dns.faganiyu.ops<br />
|rns-ldap.faganiyu.ops<br />
<br />
|-<br />
|[[User:ngeronimo|Geronimo,Niccolo]]<br />
|ngeronimo.ops<br />
|192.168.11.0<br />
|192.168.11.2<br />
|pri-dns.ngeronimo.ops<br />
|rns-ldap.ngeronimo.ops<br />
<br />
|-<br />
|[[User:rguo|Guo,Robert]]<br />
|rguo19.ops<br />
|192.168.12.0<br />
|192.168.12.2<br />
|pri-dns.rguo19.ops<br />
|rns-ldap.rguo19.ops<br />
<br />
|-<br />
|[[User:pjean|Jean,Perry]]<br />
|pjean.ops<br />
|192.168.13.0<br />
|192.168.13.2<br />
|pri-dns.pjean.ops<br />
|rns-ldap.pjean.ops<br />
<br />
|-<br />
|[[User:sops535|Ops535,Stud14]]<br />
|stud14.ops<br />
|192.168.14.0<br />
|192.168.14.2<br />
|pri-dns.stud14.ops<br />
|rns-ldap.stud14.ops<br />
<br />
|-<br />
|[[User:gkarapetyan|Karapetyan,Gevorg]]<br />
|gkarapetyan2.ops<br />
|192.168.15.0<br />
|192.168.15.2<br />
|pri-dns.gkarapetyan2.ops<br />
|rns-ldap.gkarapetyan2.ops<br />
<br />
|-<br />
|[[User:skhan|Khan,Shayaan]]<br />
|skhan405.ops<br />
|192.168.16.0<br />
|192.168.16.2<br />
|pri-dns.skhan405.ops<br />
|rns-ldap.skhan405.ops<br />
<br />
|-<br />
|[[User:jkim|Kim,Joo]]<br />
|jykim32.ops<br />
|192.168.17.0<br />
|192.168.17.2<br />
|pri-dns.jykim32.ops<br />
|rns-ldap.jykim32.ops<br />
<br />
|-<br />
|[[User:skoleini|Koleini,Sama]]<br />
|skoleini1.ops<br />
|192.168.18.0<br />
|192.168.18.2<br />
|pri-dns.skoleini1.ops<br />
|rns-ldap.skoleini1.ops<br />
<br />
|-<br />
|[[User:mmoktader|Moktader,Mohammad]]<br />
|mmoktader.ops<br />
|192.168.19.0<br />
|192.168.19.2<br />
|pri-dns.mmoktader.ops<br />
|rns-ldap.mmoktader.ops<br />
<br />
|-<br />
|[[User:sops535|Ops535,Stud20]]<br />
|stud20.ops<br />
|192.168.20.0<br />
|192.168.20.2<br />
|pri-dns.stud20.ops<br />
|rns-ldap.stud20.ops<br />
<br />
|-<br />
|[[User:dngan|Ngan,Daniel]]<br />
|dngan.ops<br />
|192.168.21.0<br />
|192.168.21.2<br />
|pri-dns.dngan.ops<br />
|rns-ldap.dngan.ops<br />
<br />
|-<br />
|[[User:lnguyen|Nguyen,Le]]<br />
|lkdnguyen.ops<br />
|192.168.22.0<br />
|192.168.22.2<br />
|pri-dns.lkdnguyen.ops<br />
|rns-ldap.lkdnguyen.ops<br />
<br />
|-<br />
|[[User:spatel|Patel,Shyam]]<br />
|spatel468.ops<br />
|192.168.23.0<br />
|192.168.23.2<br />
|pri-dns.spatel468.ops<br />
|rns-ldap.spatel468.ops<br />
<br />
|-<br />
|[[User:krafi|Rafi,Kazi]]<br />
|krrafi.ops<br />
|192.168.24.0<br />
|192.168.24.2<br />
|pri-dns.krrafi.ops<br />
|rns-ldap.krrafi.ops<br />
<br />
|-<br />
|[[User:bromero|Romero,Burneo]]<br />
|raromero-burneo.ops<br />
|192.168.25.0<br />
|192.168.25.2<br />
|pri-dns.raromero-burneo.ops<br />
|rns-ldap.raromero-burneo.ops<br />
<br />
|-<br />
|[[User:esu|Su,Eliza]]<br />
|wsu15.ops<br />
|192.168.26.0<br />
|192.168.26.2<br />
|pri-dns.wsu15.ops<br />
|rns-ldap.wsu15.ops<br />
<br />
|-<br />
|[[User:ttuomisto|Tuomisto,Tim]]<br />
|tjtuomisto.ops<br />
|192.168.27.0<br />
|192.168.27.2<br />
|pri-dns.tjtuomisto.ops<br />
|rns-ldap.tjtuomisto.ops<br />
<br />
|-<br />
|[[User:styler|Tyler,Sean]]<br />
|styler.ops<br />
|192.168.28.0<br />
|192.168.28.2<br />
|pri-dns.styler.ops<br />
|rns-ldap.styler.ops<br />
<br />
|-<br />
|[[User:pyao|Yao,Peiliang]]<br />
|pyao7.ops<br />
|192.168.29.0<br />
|192.168.29.2<br />
|pri-dns.pyao7.ops<br />
|rns-ldap.pyao7.ops<br />
<br />
|-<br />
|[[User:jyin|Yin,James]]<br />
|syin12.ops<br />
|192.168.30.0<br />
|192.168.30.2<br />
|pri-dns.syin12.ops<br />
|rns-ldap.syin12.ops<br />
<br />
<br />
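The registration table can be edited by every participant, so a root zone generated from it should validate each row before emitting a delegation. The following Python code is an added example, not the wiki's Get-root-zone script; the function names, the /24 network size, the rule that both name servers must sit inside the registered domain, and the sample rows are assumptions constructed for illustration.

```python
import ipaddress
import re

# Constructed sample in the registration table's layout (not the real page data).
SAMPLE_WIKITABLE = """\
{|class="wikitable sortable"
!Name
! Domain Name
! Network
! Name Server IP
! Name Server Host
! Root Nameserver
|-
|Example, Alice
|alice.ops
|192.168.41.0
|192.168.41.2
|pri-dns.alice.ops
|rns-ldap.alice.ops
|-
|Example, Bob
|bob.ops
|192.168.42.0
|192.168.42.2
|pri-dns.bob.ops
|rns-ldap.bob.op2
|-
|Example, Carol
|carol.ops
|192.168.43.0
|192.168.44.2
|pri-dns.carol.ops
|
|}
"""

LABEL = r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?"
DOMAIN_RE = re.compile(LABEL + r"\.ops")
HOST_RE = re.compile(LABEL + r"(?:\." + LABEL + r")+")


def parse_rows(wikitext):
    """Split the wikitable on its row separators; return one list of cells per row."""
    rows = []
    for chunk in re.split(r"(?m)^\|-.*$", wikitext)[1:]:
        cells = [ln[1:].strip() for ln in chunk.splitlines()
                 if ln.startswith("|") and not ln.startswith("|}")]
        if cells:
            rows.append(cells)
    return rows


def check_row(cells):
    """Return (record, None) for a usable row or (None, reason) for a rejected one."""
    if len(cells) != 6:
        return None, "expected 6 cells, got %d" % len(cells)
    _name, domain, network, ns_ip, ns_host, root_ns = cells
    if not DOMAIN_RE.fullmatch(domain):
        return None, "bad domain %r" % domain
    # The root name server column may be empty; the primary server may not.
    for host in [ns_host] + ([root_ns] if root_ns else []):
        if not HOST_RE.fullmatch(host) or not host.endswith("." + domain):
            return None, "host %r is not inside %s" % (host, domain)
    try:
        net = ipaddress.ip_network(network + "/24")  # assumption: /24 networks
        addr = ipaddress.ip_address(ns_ip)
    except ValueError as exc:
        return None, "bad address: %s" % exc
    if addr not in net:
        return None, "%s is not in %s" % (addr, net)
    return {"domain": domain, "ns_host": ns_host,
            "ns_ip": str(addr), "root_ns": root_ns}, None


def build_root_zone(wikitext):
    """Return (zone_lines, rejected) with rejected as (registrant, reason) pairs."""
    lines, rejected = [], []
    for cells in parse_rows(wikitext):
        record, reason = check_row(cells)
        if record is None:
            rejected.append((cells[0], reason))
            continue
        # Delegation plus glue for the registrant's primary server.
        lines.append("%s.\tIN\tNS\t%s." % (record["domain"], record["ns_host"]))
        lines.append("%s.\tIN\tA\t%s" % (record["ns_host"], record["ns_ip"]))
        if record["root_ns"]:
            lines.append(".\tIN\tNS\t%s." % record["root_ns"])
    return lines, rejected


if __name__ == "__main__":
    zone, skipped = build_root_zone(SAMPLE_WIKITABLE)
    print("\n".join(zone))
    for who, why in skipped:
        print("; skipped %s: %s" % (who, why))
```

Rejected rows are reported rather than silently dropped, so a typo such as a misspelled top-level label shows up before the zone is loaded.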
<br />
[[Category:OPS535]][[Category:rchan]]</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=Domainreg&diff=155079Domainreg2021-06-11T18:02:22Z<p>Rchan: </p>
<hr />
<div>Script for generating the root zone file from this wiki page: [[Get-root-zone]]<br />
<br />
Remember to add your nameserver's hostname as well as the IP (ex: ns1.mydomain.com or nameserver.mydomain.com)<br />
<br />
{|class="wikitable sortable" border="2" width="80%"<br />
<br />
!Name<br />
! Domain Name<br />
! Network<br />
! Name Server IP<br />
! Name Server Host<br />
! Root Nameserver<br />
<br />
|-<br />
|[[User:rchan|Chan, Raymond]]<br />
|rchan.ops<br />
|172.20.0.0<br />
|172.20.0.1<br />
|pri-dns.rchan.ops<br />
|<br />
<br />
|-<br />
|Ops535, Student14<br />
|stud14.ops<br />
|192.168.14.0<br />
|192.168.14.2<br />
|pri-dns.stud14.ops<br />
|rns-ldap.stud14.op2<br />
<br />
|-<br />
|Ops535, Student20<br />
|stud20.ops<br />
|192.168.20.0<br />
|192.168.20.2<br />
|pri-dns.stud20.ops<br />
|rns-ldap.stud20.ops<br />
<br />
<br />
[[Category:OPS535]][[Category:rchan]]</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=OPS535-vl-lab-ldap&diff=155066OPS535-vl-lab-ldap2021-06-09T14:54:20Z<p>Rchan: </p>
<hr />
<div>[[Category: OPS535]][[Category: OPS535-Labs]][[Category: rchan]]<br />
=OPS535 Lab 3 (using Virtual Lab)=<br />
== Objectives ==<br />
* Design the algorithm for setting up and configuring an OpenLDAP server based on [[OPS535-lab-ldap | Lab 3 - LDAP lab]] <br />
* Create remote administration script(s) using bash/ansible based on your algorithm<br />
* Deploy the remote administration scripts using bash/ansible on your Seneca VM4 in the OPS535 Virtual Lab<br />
<br />
==Pre-Requisites==<br />
:* Have access to Seneca VPN, and matrix.senecacollege.ca<br />
:* Complete the collection of baseline information on your assigned VMs (VM1, VM2, VM3, and VM4)<br />
:* Complete the [[OPS535-lab-ldap | Lab 3 - LDAP lab]] on your home VMs<br />
:* Set up and configure a private network for your assigned VMs in the OPS535 Virtual Lab<br />
:* Configure VM1 as your control workstation for performing remote administration tasks on VM[2-4]<br />
<br />
==Investigation 1: Algorithm for setup and configure an OpenLDAP server==<br />
Based on the steps you performed in [[OPS535-lab-ldap | Lab 3 - LDAP lab]], design and create an appropriate algorithm to set up and configure an OpenLDAP server on your Seneca VM4 remotely from your control VM (Seneca VM1).<br />
You can follow the format used in Investigation 3, Task 1 in [[OPS535-vl-lab-nfs | Lab 2 - NFS Lab on VL]]<br />
* Name your algorithm file "lab3-ldap-algorithm.txt"<br />
* Save your algorithm file to ~student/ops535/lab3/lab3-ldap-algorithm.txt<br />
<br />
==Investigation 2: Scripts for remote deployment of an OpenLDAP server==<br />
=== Task 1 ===<br />
Based on your algorithm created for investigation 1, write a bash script named "lab3-ldap-setup.bash" to implement all the steps on VM4 (co-ldap)<br />
* save the script to ~student/ops535/lab3/scripts/lab3-ldap-setup.bash<br />
<br />
=== Task 2 ===<br />
Create an ansible playbook named "config-ldap.yml" to perform the same tasks as mentioned in task 1.<br />
* save the ansible playbook to ~student/ops535/lab3/playbook/config-ldap.yml<br />
<br />
=== Task 3 ===<br />
* Run the playbook created in Task 2 above, and capture the output to a file named lab3_inv2_task3.txt in the directory ~student/ops535/lab3/log/<br />
<br />
==Completing the Lab==<br />
Follow the instructions on blackboard to submit the lab by the due date.</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=OPS535-vl-lab-ldap&diff=155065OPS535-vl-lab-ldap2021-06-09T14:46:10Z<p>Rchan: /* Investigation 2: Scripts for remote deployment of an OpenLDAP server */</p>
<hr />
<div>[[Category: OPS535]][[Category: OPS535-Labs]][[Category: rchan]]<br />
=OPS535 Lab 3 (using Virtual Lab)=<br />
== Objectives ==<br />
* Design the algorithm for setting up and configuring an OpenLDAP server based on [[OPS535-lab-ldap | Lab 3 LDAP lab]] <br />
* Create remote administration script(s) using bash/ansible based on your algorithm<br />
* Deploy the remote administration scripts using bash/ansible on your Seneca VM4 in the OPS535 Virtual Lab<br />
<br />
==Pre-Requisites==<br />
:* Have access to Seneca VPN, and matrix.senecacollege.ca<br />
:* Complete the collection of baseline information on your assigned VMs (VM1, VM2, VM3, and VM4)<br />
:* Complete the [[OPS535-lab-ldap | Lab 3 - LDAP lab]] on your home VMs<br />
:* Set up and configure a private network for your assigned VMs in the OPS535 Virtual Lab<br />
:* Configure VM1 as your control workstation for performing remote administration tasks on VM[2-4]<br />
<br />
==Investigation 1: Algorithm for setup and configure an OpenLDAP server==<br />
<br />
==Investigation 2: Scripts for remote deployment of an OpenLDAP server==<br />
=== Task 1 ===<br />
Based on your algorithm created for investigation 1, write a bash script named "lab3-ldap-setup.bash" to implement all the steps on VM4 (co-ldap)<br />
* save the script to ~student/ops535/lab3/scripts/lab3-ldap-setup.bash<br />
<br />
=== Task 2 ===<br />
Create an ansible playbook named "config-ldap.yml" to perform the same tasks as mentioned in task 1.<br />
* save the ansible playbook to ~student/ops535/lab3/playbook/config-ldap.yml<br />
<br />
=== Task 3 ===<br />
* Run the playbook created in Task 2 above, and capture the output to a file named lab3_inv2_task3.txt in the directory ~student/ops535/lab3/log/<br />
<br />
==Completing the Lab==<br />
Follow the instructions on blackboard to submit the lab by the due date.</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=OPS535-vl-lab-ldap&diff=155064OPS535-vl-lab-ldap2021-06-09T14:42:36Z<p>Rchan: Created page with "Category: OPS535Category: OPS535-LabsCategory: rchan =OPS535 Lab 3 (using Virutal Lab)= == Objectives == * Design the algorithm for setup and configure an OpenLDAP..."</p>
<hr />
<div>[[Category: OPS535]][[Category: OPS535-Labs]][[Category: rchan]]<br />
=OPS535 Lab 3 (using Virtual Lab)=<br />
== Objectives ==<br />
* Design the algorithm to set up and configure an OpenLDAP server based on [[OPS535-lab-ldap | Lab 3 LDAP lab]]<br />
* Create remote administration script(s) using bash/ansible based on your algorithm<br />
* Deploy the remote administration scripts using bash/ansible on your Seneca VM4 in the OPS535 Virtual Lab<br />
<br />
==Pre-Requisites==<br />
:* Have access to the Seneca VPN and matrix.senecacollege.ca<br />
:* Complete the collection of baseline information on your assigned VMs (VM1, VM2, VM3, and VM4)<br />
:* Complete the [[OPS535-lab-ldap | Lab 3 - LDAP lab]] on your home VMs<br />
:* Set up and configure the private network for your assigned VMs in the OPS535 Virtual Lab<br />
:* Configure VM1 as your control workstation for performing remote administration tasks on VM[2-4]<br />
<br />
==Investigation 1: Algorithm for setup and configure an OpenLDAP server==<br />
<br />
==Investigation 2: Scripts for remote deployment of an OpenLDAP server==<br />
=== Task 1 ===<br />
Based on [[OPS535-lab-nfs|Lab 2 - NFS lab]], write a bash script named "lab2-nfs-setup.bash" to perform the following tasks on VM3 (co-rns)<br />
* move the network interface ens224 from firewalld's public zone to internal zone<br />
* install the nfs-utils rpm package if it has not already been installed<br />
* create an nfs share directory named '/nfs-pub' with mode '1777'<br />
* update the /etc/exports as required in [[OPS535-lab-nfs|Lab 2 - NFS lab]]<br />
* enable the nfs-server service if it has not already been enabled<br />
* start the nfs-server service if it has not already been started<br />
* update firewalld's internal zone to allow nfs service<br />
* update firewalld's internal zone to allow nfs3 server service<br />
* update firewalld's internal zone to allow rpc-bind service<br />
* save the script to ~student/ops535/lab2/scripts/lab2-nfs-setup.bash<br />
<br />
=== Task 2 ===<br />
Create an ansible playbook named "config-nfs.yml" to perform the same tasks as mentioned in task 1.<br />
* save the ansible playbook to ~student/ops535/lab2/playbook/config-nfs.yml<br />
* Run the playbook and capture the output to a file named lab2_inv3_task2.txt in the directory ~student/ops535/lab2/log/<br />
<br />
==Completing the Lab==<br />
Follow the instructions on blackboard to submit the lab by the due date.</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=OPS535-vl-lab-nfs&diff=155061OPS535-vl-lab-nfs2021-06-07T18:56:01Z<p>Rchan: /* Task 2: Configure ansible's inventory file */</p>
<hr />
<div>[[Category: OPS535]][[Category: OPS535-Labs]][[Category: rchan]]<br />
=OPS535 Lab 2 (using Virtual Lab)=<br />
== Objectives ==<br />
* Set up and configure the private network for your assigned VMs in the OPS535 Virtual Lab for this lab, future labs, and assignments<br />
* Configure VM1 as your control workstation for performing remote administration tasks on VM[2-4]<br />
* Create and deploy remote administration scripts using bash/ansible<br />
<br />
==Pre-Requisites==<br />
:*Have access to the Seneca VPN and matrix.senecacollege.ca<br />
:*Complete the collection of baseline information on your assigned VMs (VM1, VM2, VM3, and VM4)<br />
:*Complete the [[OPS535-lab-nfs | Lab 2 - NFS lab]] on your home VMs<br />
<br />
==Investigation 1: VMs Configuration==<br />
=== Background ===<br />
Make sure you have ssh access to your assigned VMs from matrix.senecacollege.ca, via the router ops535.myvmlab.senecacollege.ca, using the port numbers, user name, and corresponding password given on Blackboard. The access router (ops535.myvmlab.senecacollege.ca) maps the ports (9xxy) to the corresponding internal IP addresses (172.20.xx.y) of your VMs, where 'xx' is your assigned network number and 'y' is the VM number. The following table shows the port mapping and the network configuration you should have on each VM. The values shown are for the student with network number '14':<br />
<br />
{| class="wikitable" style="margin-left:50px; border: 2px solid black;"<br />
|- style="font-weight:bold; text-align:center;"<br />
| style="border: 2px solid black;" | VM<br />
| style="border: 2px solid black;" | Port<br />
| style="border: 2px solid black;" | ens192 IP<br />
| style="border: 2px solid black;" | ens224 IP<br />
| style="border: 2px solid black;" | ens256 IP<br />
| style="border: 2px solid black;" | hostname<br />
|-<br />
| style="background-color:#ffff00; border: 2px solid black;" | VM y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 9xxy<br />
| style="background-color:#ffff00; border: 2px solid black;" | 172.20.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 192.168.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM 1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9141<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | do-not-use<br />
| style="background-color:#66cccc; border: 2px solid black;" | router<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM 2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9142<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | pri-dns<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM 3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9143<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | none<br />
| style="background-color:#66cccc; border: 2px solid black;" | co-nfs<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM 4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9144<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | rns-ldap<br />
|}<br />
<br />
=== Task 1 : setup and configure VM1 ===<br />
* ssh to your VM1 from matrix<br />
<pre><br />
ssh -p 9141 student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on the network device 'ens192'.<br />
* run the 'nmtui' command under sudo and configure the network device '''ens224''' with the appropriate IP address (192.168.xx.1) as shown.<br />
* run the 'nmtui' command to set the hostname<br />
* install the 'epel-release' package<br />
* install the 'ansible' package<br />
* install the 'git' package<br />
* install the 'wget' package<br />
* run the command to update all the packages installed on the system<br />
<br />
=== Task 2: setup and configure VM2 - VM4 ===<br />
* ssh from matrix to your VM2 - VM4, replace [2-4] with 2, 3, or 4:<br />
<pre><br />
ssh -p 914[2-4] student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on the network device 'ens192'<br />
* run the 'nmtui' command under sudo and configure the network device '''ens224''' with the appropriate IP address as shown in the table above.<br />
* run the 'nmtui' command to set the hostname<br />
<br />
==Investigation 2: Control Workstation Configuration==<br />
===Background===<br />
You will configure VM1 as the control workstation for performing remote administration tasks on your VM2 - VM4. The preferred method is to configure your control workstation to use ssh key-based authentication when connecting to your VM2 - VM4 remotely. If you plan to use ansible to perform remote configuration, you need to set up the inventory file for ansible.<br />
<br />
=== Task 1 : Configure ssh key-based authentication on VM1 ===<br />
* log in to your VM1 as 'student'.<br />
* add the following IP address to hostname/FQDN mappings to the /etc/hosts file:<br />
<pre><br />
192.168.xx.1 router router.<your dns domain><br />
192.168.xx.2 pri-dns pri-dns.<your dns domain><br />
192.168.xx.3 co-nfs co-nfs.<your dns domain><br />
192.168.xx.4 rns-ldap rns-ldap.<your dns domain><br />
</pre><br />
* run 'ssh-keygen' to generate the public/private key pair for key-based authentication<br />
* run the following commands to copy the public key to VM2 - VM4.<br />
:* for VM2<br />
<pre><br />
ssh-copy-id -i ~/.ssh/id_rsa.pub student@pri-dns<br />
</pre><br />
:* for VM3<br />
<pre><br />
ssh-copy-id -i ~/.ssh/id_rsa.pub student@co-nfs<br />
</pre><br />
:* for VM4<br />
<pre><br />
ssh-copy-id -i ~/.ssh/id_rsa.pub student@rns-ldap<br />
</pre><br />
* verify and confirm that you can ssh to your VM2, VM3, and VM4 as 'student' without a password.<br />
<br />
=== Task 2: Configure ansible's inventory file ===<br />
* log in to your VM1 (router) as 'student'<br />
* Using the following as a template, add your VM2 to VM3 information to the end of /etc/ansible/hosts:<br />
<pre><br />
[your dns domain]<br />
pri-dns.<your dns domain> ansible_host=192.168.xx.2<br />
co-nfs.<your dns domain> ansible_host=192.168.xx.3<br />
rns-ldap.<your dns domain> ansible_host=192.168.xx.4<br />
</pre><br />
* The following is an example for student with domain name stud14.ops (please do not include '.ops' in the group name) and network number 14:<br />
<pre><br />
[stud14]<br />
pri-dns.stud14.ops ansible_host=192.168.14.2<br />
co-nfs.stud14.ops ansible_host=192.168.14.3<br />
rns-ldap.stud14.ops ansible_host=192.168.14.4<br />
</pre><br />
* create the directory ops535 and the lab subdirectories shown below under user student's home directory on VM1<br />
<pre><br />
student<br />
└── ops535<br />
    ├── a1<br />
    ├── lab2<br />
    ├── lab3<br />
    └── lab4<br />
</pre><br />
* change the working directory to ~student/ops535/lab2, and run the following commands to gather useful variables about remote hosts that can be used in ansible playbooks:<br />
:* for remote host: vm2<br />
<pre><br />
ansible pri-dns.<your dns domain> -m setup > pri-dns-setup.txt<br />
</pre><br />
:* for remote host: vm3<br />
<pre><br />
ansible co-nfs.<your dns domain> -m setup > co-nfs-setup.txt<br />
</pre><br />
:* for remote host: vm4<br />
<pre><br />
ansible rns-ldap.<your dns domain> -m setup > rns-ldap-setup.txt<br />
</pre><br />
<br />
==Investigation 3: Scripts for remote administrations==<br />
=== Task 1 ===<br />
Based on [[OPS535-lab-nfs|Lab 2 - NFS lab]], write a bash script named "lab2-nfs-setup.bash" to perform the following tasks on VM3 (co-rns)<br />
* move the network interface ens224 from firewalld's public zone to internal zone<br />
* install the nfs-utils rpm package if it has not already been installed<br />
* create an nfs share directory named '/nfs-pub' with mode '1777'<br />
* update the /etc/exports as required in [[OPS535-lab-nfs|Lab 2 - NFS lab]]<br />
* enable the nfs-server service if it has not already been enabled<br />
* start the nfs-server service if it has not already been started<br />
* update firewalld's internal zone to allow nfs service<br />
* update firewalld's internal zone to allow nfs3 server service<br />
* update firewalld's internal zone to allow rpc-bind service<br />
* save the script to ~student/ops535/lab2/scripts/lab2-nfs-setup.bash<br />
<br />
=== Task 2 ===<br />
Create an ansible playbook named "config-nfs.yml" to perform the same tasks as mentioned in task 1.<br />
* save the ansible playbook to ~student/ops535/lab2/playbook/config-nfs.yml<br />
* Run the playbook and capture the output to a file named lab2_inv3_task2.txt in the directory ~student/ops535/lab2/log/<br />
<br />
==Completing the Lab==<br />
Follow the instructions on blackboard to submit the lab by the due date.</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=OPS535-vl-lab-nfs&diff=155059OPS535-vl-lab-nfs2021-06-07T16:17:45Z<p>Rchan: /* Task 2 */</p>
<hr />
<div>[[Category: OPS535]][[Category: OPS535-Labs]][[Category: rchan]]<br />
=OPS535 Lab 2 (using Virtual Lab)=<br />
== Objectives ==<br />
* Set up and configure the private network for your assigned VMs in the OPS535 Virtual Lab for this lab, future labs, and assignments<br />
* Configure VM1 as your control workstation for performing remote administration tasks on VM[2-4]<br />
* Create and deploy remote administration scripts using bash/ansible<br />
<br />
==Pre-Requisites==<br />
:*Have access to the Seneca VPN and matrix.senecacollege.ca<br />
:*Complete the collection of baseline information on your assigned VMs (VM1, VM2, VM3, and VM4)<br />
:*Complete the [[OPS535-lab-nfs | Lab 2 - NFS lab]] on your home VMs<br />
<br />
==Investigation 1: VMs Configuration==<br />
=== Background ===<br />
Make sure you have ssh access to your assigned VMs from matrix.senecacollege.ca, via the router ops535.myvmlab.senecacollege.ca, using the port numbers, user name, and corresponding password given on Blackboard. The access router (ops535.myvmlab.senecacollege.ca) maps the ports (9xxy) to the corresponding internal IP addresses (172.20.xx.y) of your VMs, where 'xx' is your assigned network number and 'y' is the VM number. The following table shows the port mapping and the network configuration you should have on each VM. The values shown are for the student with network number '14':<br />
<br />
{| class="wikitable" style="margin-left:50px; border: 2px solid black;"<br />
|- style="font-weight:bold; text-align:center;"<br />
| style="border: 2px solid black;" | VM<br />
| style="border: 2px solid black;" | Port<br />
| style="border: 2px solid black;" | ens192 IP<br />
| style="border: 2px solid black;" | ens224 IP<br />
| style="border: 2px solid black;" | ens256 IP<br />
| style="border: 2px solid black;" | hostname<br />
|-<br />
| style="background-color:#ffff00; border: 2px solid black;" | VM y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 9xxy<br />
| style="background-color:#ffff00; border: 2px solid black;" | 172.20.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 192.168.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM 1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9141<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | do-not-use<br />
| style="background-color:#66cccc; border: 2px solid black;" | router<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM 2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9142<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | pri-dns<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM 3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9143<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | none<br />
| style="background-color:#66cccc; border: 2px solid black;" | co-nfs<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM 4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9144<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | rns-ldap<br />
|}<br />
<br />
=== Task 1 : setup and configure VM1 ===<br />
* ssh to your VM1 from matrix<br />
<pre><br />
ssh -p 9141 student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on the network device 'ens192'.<br />
* run the 'nmtui' command under sudo and configure the network device '''ens224''' with the appropriate IP address (192.168.xx.1) as shown.<br />
* run the 'nmtui' command to set the hostname<br />
* install the 'epel-release' package<br />
* install the 'ansible' package<br />
* install the 'git' package<br />
* install the 'wget' package<br />
* run the command to update all the packages installed on the system<br />
<br />
=== Task 2: setup and configure VM2 - VM4 ===<br />
* ssh from matrix to your VM2 - VM4, replace [2-4] with 2, 3, or 4:<br />
<pre><br />
ssh -p 914[2-4] student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on the network device 'ens192'<br />
* run the 'nmtui' command under sudo and configure the network device '''ens224''' with the appropriate IP address as shown in the table above.<br />
* run the 'nmtui' command to set the hostname<br />
<br />
==Investigation 2: Control Workstation Configuration==<br />
===Background===<br />
You will configure VM1 as the control workstation for performing remote administration tasks on your VM2 - VM4. The preferred method is to configure your control workstation to use ssh key-based authentication when connecting to your VM2 - VM4 remotely. If you plan to use ansible to perform remote configuration, you need to set up the inventory file for ansible.<br />
<br />
=== Task 1 : Configure ssh key-based authentication on VM1 ===<br />
* log in to your VM1 as 'student'.<br />
* add the following IP address to hostname/FQDN mappings to the /etc/hosts file:<br />
<pre><br />
192.168.xx.1 router router.<your dns domain><br />
192.168.xx.2 pri-dns pri-dns.<your dns domain><br />
192.168.xx.3 co-nfs co-nfs.<your dns domain><br />
192.168.xx.4 rns-ldap rns-ldap.<your dns domain><br />
</pre><br />
* run 'ssh-keygen' to generate the public/private key pair for key-based authentication<br />
* run the following commands to copy the public key to VM2 - VM4.<br />
:* for VM2<br />
<pre><br />
ssh-copy-id -i ~/.ssh/id_rsa.pub student@pri-dns<br />
</pre><br />
:* for VM3<br />
<pre><br />
ssh-copy-id -i ~/.ssh/id_rsa.pub student@co-nfs<br />
</pre><br />
:* for VM4<br />
<pre><br />
ssh-copy-id -i ~/.ssh/id_rsa.pub student@rns-ldap<br />
</pre><br />
* verify and confirm that you can ssh to your VM2, VM3, and VM4 as 'student' without a password.<br />
<br />
=== Task 2: Configure ansible's inventory file ===<br />
* log in to your VM1 (router) as 'student'<br />
* Using the following as a template, add your VM2 to VM3 information to the end of /etc/ansible/hosts:<br />
<pre><br />
[your dns domain]<br />
pri-dns.<your dns domain> ansible_host=192.168.xx.2<br />
co-nfs.<your dns domain> ansible_host=192.168.xx.3<br />
rns-ldap.<your dns domain> ansible_host=192.168.xx.4<br />
</pre><br />
* The following is an example for student with domain name stud14.ops and network number 14:<br />
<pre><br />
[stud14.ops]<br />
pri-dns.stud14.ops ansible_host=192.168.14.2<br />
co-nfs.stud14.ops ansible_host=192.168.14.3<br />
rns-ldap.stud14.ops ansible_host=192.168.14.4<br />
</pre><br />
* create the directory ops535 and the lab subdirectories shown below under user student's home directory on VM1<br />
<pre><br />
student<br />
└── ops535<br />
    ├── a1<br />
    ├── lab2<br />
    ├── lab3<br />
    └── lab4<br />
</pre><br />
* change the working directory to ~student/ops535/lab2, and run the following commands to gather useful variables about remote hosts that can be used in ansible playbooks:<br />
:* for remote host: vm2<br />
<pre><br />
ansible pri-dns.<your dns domain> -m setup > pri-dns-setup.txt<br />
</pre><br />
:* for remote host: vm3<br />
<pre><br />
ansible co-nfs.<your dns domain> -m setup > co-nfs-setup.txt<br />
</pre><br />
:* for remote host: vm4<br />
<pre><br />
ansible rns-ldap.<your dns domain> -m setup > rns-ldap-setup.txt<br />
</pre><br />
<br />
==Investigation 3: Scripts for remote administrations==<br />
=== Task 1 ===<br />
Based on [[OPS535-lab-nfs|Lab 2 - NFS lab]], write a bash script named "lab2-nfs-setup.bash" to perform the following tasks on VM3 (co-rns)<br />
* move the network interface ens224 from firewalld's public zone to internal zone<br />
* install the nfs-utils rpm package if it has not already been installed<br />
* create an nfs share directory named '/nfs-pub' with mode '1777'<br />
* update the /etc/exports as required in [[OPS535-lab-nfs|Lab 2 - NFS lab]]<br />
* enable the nfs-server service if it has not already been enabled<br />
* start the nfs-server service if it has not already been started<br />
* update firewalld's internal zone to allow nfs service<br />
* update firewalld's internal zone to allow nfs3 server service<br />
* update firewalld's internal zone to allow rpc-bind service<br />
* save the script to ~student/ops535/lab2/scripts/lab2-nfs-setup.bash<br />
<br />
=== Task 2 ===<br />
Create an ansible playbook named "config-nfs.yml" to perform the same tasks as mentioned in task 1.<br />
* save the ansible playbook to ~student/ops535/lab2/playbook/config-nfs.yml<br />
* Run the playbook and capture the output to a file named lab2_inv3_task2.txt in the directory ~student/ops535/lab2/log/<br />
<br />
==Completing the Lab==<br />
Follow the instructions on blackboard to submit the lab by the due date.</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=OPS535-vl-lab-nfs&diff=155058OPS535-vl-lab-nfs2021-06-07T16:17:18Z<p>Rchan: /* Task 1 */</p>
<hr />
<div>[[Category: OPS535]][[Category: OPS535-Labs]][[Category: rchan]]<br />
=OPS535 Lab 2 (using Virtual Lab)=<br />
== Objectives ==<br />
* Set up and configure the private network for your assigned VMs in the OPS535 Virtual Lab for this lab, future labs, and assignments<br />
* Configure VM1 as your control workstation for performing remote administration tasks on VM[2-4]<br />
* Create and deploy remote administration scripts using bash/ansible<br />
<br />
==Pre-Requisites==<br />
:*Have access to the Seneca VPN and matrix.senecacollege.ca<br />
:*Complete the collection of baseline information on your assigned VMs (VM1, VM2, VM3, and VM4)<br />
:*Complete the [[OPS535-lab-nfs | Lab 2 - NFS lab]] on your home VMs<br />
<br />
==Investigation 1: VMs Configuration==<br />
=== Background ===<br />
Make sure you have ssh access to your assigned VMs from matrix.senecacollege.ca, via the router ops535.myvmlab.senecacollege.ca, using the port numbers, user name, and corresponding password given on Blackboard. The access router (ops535.myvmlab.senecacollege.ca) maps the ports (9xxy) to the corresponding internal IP addresses (172.20.xx.y) of your VMs, where 'xx' is your assigned network number and 'y' is the VM number. The following table shows the port mapping and the network configuration you should have on each VM. The values shown are for the student with network number '14':<br />
<br />
{| class="wikitable" style="margin-left:50px; border: 2px solid black;"<br />
|- style="font-weight:bold; text-align:center;"<br />
| style="border: 2px solid black;" | VM<br />
| style="border: 2px solid black;" | Port<br />
| style="border: 2px solid black;" | ens192 IP<br />
| style="border: 2px solid black;" | ens224 IP<br />
| style="border: 2px solid black;" | ens256 IP<br />
| style="border: 2px solid black;" | hostname<br />
|-<br />
| style="background-color:#ffff00; border: 2px solid black;" | VM y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 9xxy<br />
| style="background-color:#ffff00; border: 2px solid black;" | 172.20.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 192.168.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM 1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9141<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | do-not-use<br />
| style="background-color:#66cccc; border: 2px solid black;" | router<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM 2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9142<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | pri-dns<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM 3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9143<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | none<br />
| style="background-color:#66cccc; border: 2px solid black;" | co-nfs<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM 4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9144<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | rns-ldap<br />
|}<br />
<br />
=== Task 1 : setup and configure VM1 ===<br />
* ssh to your VM1 from matrix<br />
<pre><br />
ssh -p 9141 student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on the network device 'ens192'.<br />
* run the 'nmtui' command under sudo and configure the network device '''ens224''' with the appropriate IP address (192.168.xx.1) as shown.<br />
* run the 'nmtui' command to set the hostname<br />
* install the 'epel-release' package<br />
* install the 'ansible' package<br />
* install the 'git' package<br />
* install the 'wget' package<br />
* run the command to update all the packages installed on the system<br />
<br />
=== Task 2: setup and configure VM2 - VM4 ===<br />
* ssh from matrix to your VM2 - VM4, replace [2-4] with 2, 3, or 4:<br />
<pre><br />
ssh -p 914[2-4] student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on the network device 'ens192'<br />
* run the 'nmtui' command under sudo and configure the network device '''ens224''' with the appropriate IP address as shown in the table above.<br />
* run the 'nmtui' command to set the hostname<br />
<br />
==Investigation 2: Control Workstation Configuration==<br />
===Background===<br />
You will configure VM1 as the control workstation for performing remote administration tasks on your VM2 - VM4. The preferred method is to configure your control workstation to use ssh key-based authentication when connecting to your VM2 - VM4 remotely. If you plan to use ansible to perform remote configuration, you need to set up the inventory file for ansible.<br />
<br />
=== Task 1 : Configure ssh key-based authentication on VM1 ===<br />
* log in to your VM1 as 'student'.<br />
* add the following IP address to hostname/FQDN mappings to the /etc/hosts file:<br />
<pre><br />
192.168.xx.1 router router.<your dns domain><br />
192.168.xx.2 pri-dns pri-dns.<your dns domain><br />
192.168.xx.3 co-nfs co-nfs.<your dns domain><br />
192.168.xx.4 rns-ldap rns-ldap.<your dns domain><br />
</pre><br />
* run 'ssh-keygen' to generate the public/private key pair for key-based authentication<br />
* run the following commands to copy the public key to VM2 - VM4.<br />
:* for VM2<br />
<pre><br />
ssh-copy-id -i ~/.ssh/id_rsa.pub student@pri-dns<br />
</pre><br />
:* for VM3<br />
<pre><br />
ssh-copy-id -i ~/.ssh/id_rsa.pub student@co-nfs<br />
</pre><br />
:* for VM4<br />
<pre><br />
ssh-copy-id -i ~/.ssh/id_rsa.pub student@rns-ldap<br />
</pre><br />
* verify and confirm that you can ssh to your VM2, VM3, and VM4 as 'student' without a password.<br />
<br />
=== Task 2: Configure ansible's inventory file ===<br />
* log in to your VM1 (router) as 'student'<br />
* Using the following as a template, add your VM2 to VM3 information to the end of /etc/ansible/hosts:<br />
<pre><br />
[your dns domain]<br />
pri-dns.<your dns domain> ansible_host=192.168.xx.2<br />
co-nfs.<your dns domain> ansible_host=192.168.xx.3<br />
rns-ldap.<your dns domain> ansible_host=192.168.xx.4<br />
</pre><br />
* The following is an example for student with domain name stud14.ops and network number 14:<br />
<pre><br />
[stud14.ops]<br />
pri-dns.stud14.ops ansible_host=192.168.14.2<br />
co-nfs.stud14.ops ansible_host=192.168.14.3<br />
rns-ldap.stud14.ops ansible_host=192.168.14.4<br />
</pre><br />
* create the directory ops535 and the lab subdirectories shown below under user student's home directory on VM1<br />
<pre><br />
student<br />
└── ops535<br />
    ├── a1<br />
    ├── lab2<br />
    ├── lab3<br />
    └── lab4<br />
</pre><br />
* change the working directory to ~student/ops535/lab2, and run the following commands to gather useful variables about remote hosts that can be used in ansible playbooks:<br />
:* for remote host: vm2<br />
<pre><br />
ansible pri-dns.<your dns domain> -m setup > pri-dns-setup.txt<br />
</pre><br />
:* for remote host: vm3<br />
<pre><br />
ansible co-nfs.<your dns domain> -m setup > co-nfs-setup.txt<br />
</pre><br />
:* for remote host: vm4<br />
<pre><br />
ansible rns-ldap.<your dns domain> -m setup > rns-ldap-setup.txt<br />
</pre><br />
<br />
==Investigation 3: Scripts for remote administrations==<br />
=== Task 1 ===<br />
Based on [[OPS535-lab-nfs|Lab 2 - NFS lab]], write a bash script named "lab2-nfs-setup.bash" to perform the following tasks on VM3 (co-rns)<br />
* move the network interface ens224 from firewalld's public zone to internal zone<br />
* install the nfs-utils rpm package if it has not already been installed<br />
* create an nfs share directory named '/nfs-pub' with mode '1777'<br />
* update the /etc/exports as required in [[OPS535-lab-nfs|Lab 2 - NFS lab]]<br />
* enable nfs-server service if it has not already been enabled<br />
* start nfs-server service if it has not already been started<br />
* update firewalld's internal zone to allow nfs service<br />
* update firewalld's internal zone to allow nfs3 server service<br />
* update firewalld's internal zone to allow rpc-bind service<br />
* save the script to ~student/ops535/lab2/scripts/lab2-nfs-setup.bash<br />
<br />
=== Task 2 ===<br />
Create an ansible playbook named "config-nfs.yml" to perform the same tasks as mentioned in task 1.<br />
* save the ansible playbook to ~student/lab2/playbook/config-nfs.yml<br />
* Run the playbook and capture the output to a file named lab2_inv3_task2.txt in the directory ~student/lab2/log/<br />
<br />
==Completing the Lab==<br />
Follow the instructions on blackboard to submit the lab by the due date.</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=Ops535_online_a1&diff=155056Ops535 online a12021-06-04T15:59:31Z<p>Rchan: /* Changes Log */</p>
<hr />
<div>[[Category:OPS535]][[Category:rchan]]<br />
=Due Date=<br />
'''Tuesday, June 22, 2021'''<br />
* 15% of your final grade.<br />
<br />
= Required VMs =<br />
The four VMs assigned to you in the OPS535 Virtual Lab. Please ask your professor for information on how to access those VMs. The following is a general description of those four VMs:<br />
* VM1 - has three virtual network interfaces connected to three different virtual networks, they are <br />
** ens192, with IP address assigned by the lab DHCP server (172.20.v.1) for connecting to the lab's public network and the Internet. DO NOT change the network configuration on this network interface.<br />
** ens224, for connecting to the other three VMs in a private network. You will assign a private address 192.168.v.1 for this network interface.<br />
** ens256, do not use for this assignment.<br />
* VM2, VM3, and VM4 - each has two virtual network interfaces connected to two different virtual networks, they are<br />
** ens192, with IP address assigned by the lab DHCP server (172.20.v.2, 172.20.v.3, 172.20.v.4) for connecting to the lab's public network and the Internet.<br />
** ens224, connect to the other three VMs. You will assign 192.168.v.2-4 to VM2, VM3, and VM4.<br />
<br />
= Hostname and Private IP addresses for the ens224 NIC =<br />
* VM1 - 192.168.v.1, router.<yourdomain>.ops<br />
* VM2 - 192.168.v.2, pri-dns.<yourdomain>.ops<br />
* VM3 - 192.168.v.3, co-nfs.<yourdomain>.ops<br />
* VM4 - 192.168.v.4, rns-ldap.<yourdomain>.ops<br />
<br />
<br />
Please note that the value of "v" given above may not be the same as your assigned network number on Blackboard. Please replace "v" with the value of the third octet of the IP address assigned to your ens192 network interface by the lab's DHCP server.<br />
<br />
= Required Services and roles on each VM =<br />
== DNS servers ==<br />
You need three DNS servers for this assignment: <br />
:* Primary DNS server: running on VM2, pri-dns.<yourdomain>.ops, which is authoritative for your domain. It will be non-recursive, and must allow anyone to request answers to DNS queries of your domain.<br />
:* Caching-only DNS server: running on VM3, co-nfs.<yourdomain>.ops, which allows DNS queries only from network devices in your own private network. It will perform recursive DNS queries to the appropriate DNS servers or on its cache for answers.<br />
:* Root Name server: running on VM4, rns-ldap.<yourdomain>.ops, which is authoritative for the root zone only. It will answer DNS queries from anyone for the entire DNS namespace. You need to <b>collaborate</b> with other root name server players in the virtual lab environment.<br />
<br />
== NFS Server - on VM co-nfs ==<br />
:* This VM will centrally host all of your <b>new network users’</b> home directories, allowing remote access through NFS version 4.<br />
:* Use the appropriate export option(s) (pay particular attention to root_squash and no_root_squash) when exporting network users' home directories.<br />
:* Superuser on the other VMs should not have root privilege on the exported directory, with the exception of the VM that is running the LDAP server.<br />
:* VMs outside your private network must not be able to contact this service. Every VM in your network (including those that have not yet been created) must have access to this service. <br />
:* Network users should not have read or write access to other network users' home directories.<br />
<br />
==LDAP Server - on VM rns-ldap==<br />
:* LDAP Base Name – <yourdomain>.ops, where <yourdomain> is your assigned domain.<br />
:* This VM will act as an LDAPs server and provide user and group information to your other VMs.<br />
:* Other students' VMs in the virtual lab must not be able to contact this service.<br />
<br />
==Network, firewall, and SELinux==<br />
:* All your VMs must be accessible to each other via the private network.<br />
:* Do not allow DNS queries from any VMs in your network to any DNS servers in the lab except your caching-only DNS server.<br />
:* SELinux must be turned on and run in enforcing mode on all of your VMs. You may need to configure the SELinux booleans accordingly.<br />
:* Your VM1 must use iptables.service and VM2 to VM4 must use firewalld.service as their firewall. For firewalld.service, the ens192 interface should be set up in the 'public' zone and the ens224 interface should be set up in the ‘work’ zone. In addition to ssh traffic, your firewalls should only allow the traffic necessary to fulfil the roles described above.<br />
<br />
==Method of implementation==<br />
* Do not configure the required services manually with the CLI; all configuration must be done using one of the following automation frameworks:<br />
** customized bash script with ssh, or<br />
** fabric tasks, or<br />
** ansible playbook.<br />
<br />
= Changes Log =<br />
Due to the dynamic and volatile nature of the IT industry, this assignment specification may be changed on a daily basis to reflect the changing environment. All changes and modifications to this assignment requirement will be posted here. This requirement document will be frozen at least three days before the due date.<br />
* Released on June 4, 2021.<br />
<br />
=Grading=<br />
Shortly before the due date I will post a rubric on blackboard. On the due date I will <br />
:* provide a script that will gather information from your VMs and create a tar file from them. You will upload that tar file to blackboard with your automation scripts/files.<br />
:* run a test script from any machine in the virtual lab to scan and test all the required services you should provide. <br />
:* perform a disaster recovery test - one of your VMs will be reset to its baseline condition/configuration and you have 30 minutes to apply your automation script(s) to bring it back to the level this assignment requires.<br />
<br />
=Questions=<br />
If you have any questions about this assignment, please talk to your professor before the due date.</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=Ops535_online_a1&diff=155055Ops535 online a12021-06-04T15:58:20Z<p>Rchan: /* Due Date */</p>
<hr />
<div>[[Category:OPS535]][[Category:rchan]]<br />
=Due Date=<br />
'''Tuesday, June 22, 2021'''<br />
* 15% of your final grade.<br />
<br />
= Required VMs =<br />
The four VMs assigned to you in the OPS535 Virtual Lab. Please ask your professor for information on how to access those VMs. The following is a general description of those four VMs:<br />
* VM1 - has three virtual network interfaces connected to three different virtual networks, they are <br />
** ens192, with IP address assigned by the lab DHCP server (172.20.v.1) for connecting to the lab's public network and the Internet. DO NOT change the network configuration on this network interface.<br />
** ens224, for connecting to the other three VMs in a private network. You will assign a private address 192.168.v.1 for this network interface.<br />
** ens256, do not use for this assignment.<br />
* VM2, VM3, and VM4 - each has two virtual network interfaces connected to two different virtual networks, they are<br />
** ens192, with IP address assigned by the lab DHCP server (172.20.v.2, 172.20.v.3, 172.20.v.4) for connecting to the lab's public network and the Internet.<br />
** ens224, connect to the other three VMs. You will assign 192.168.v.2-4 to VM2, VM3, and VM4.<br />
<br />
= Hostname and Private IP addresses for the ens224 NIC =<br />
* VM1 - 192.168.v.1, router.<yourdomain>.ops<br />
* VM2 - 192.168.v.2, pri-dns.<yourdomain>.ops<br />
* VM3 - 192.168.v.3, co-nfs.<yourdomain>.ops<br />
* VM4 - 192.168.v.4, rns-ldap.<yourdomain>.ops<br />
<br />
<br />
Please note that the value of "v" given above may not be the same as your assigned network number on Blackboard. Please replace "v" with the value of the third octet of the IP address assigned to your ens192 network interface by the lab's DHCP server.<br />
<br />
= Required Services and roles on each VM =<br />
== DNS servers ==<br />
You need three DNS servers for this assignment: <br />
:* Primary DNS server: running on VM2, pri-dns.<yourdomain>.ops, which is authoritative for your domain. It will be non-recursive, and must allow anyone to request answers to DNS queries of your domain.<br />
:* Caching-only DNS server: running on VM3, co-nfs.<yourdomain>.ops, which allows DNS queries only from network devices in your own private network. It will perform recursive DNS queries to the appropriate DNS servers or on its cache for answers.<br />
:* Root Name server: running on VM4, rns-ldap.<yourdomain>.ops, which is authoritative for the root zone only. It will answer DNS queries from anyone for the entire DNS namespace. You need to <b>collaborate</b> with other root name server players in the virtual lab environment.<br />
<br />
== NFS Server - on VM co-nfs ==<br />
:* This VM will centrally host all of your <b>new network users’</b> home directories, allowing remote access through NFS version 4.<br />
:* Use the appropriate export option(s) (pay particular attention to root_squash and no_root_squash) when exporting network users' home directories.<br />
:* Superuser on the other VMs should not have root privilege on the exported directory, with the exception of the VM that is running the LDAP server.<br />
:* VMs outside your private network must not be able to contact this service. Every VM in your network (including those that have not yet been created) must have access to this service. <br />
:* Network users should not have read or write access to other network users' home directories.<br />
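A check for the export requirements listed above, as an added example that is not part of the course material: it parses /etc/exports text and flags any client outside the private network and any no_root_squash grant that goes to a host other than the LDAP server. The sample exports, network number 14 and the /24 mask are assumptions.<br />

```python
import ipaddress
import re

# Constructed sample /etc/exports for network number 14 (illustrative only).
SAMPLE_EXPORTS = """\
# network users' home directories
/home/netusers 192.168.14.4(rw,sync,no_root_squash) 192.168.14.0/24(rw,sync,root_squash)
/srv/scratch   *(rw,sync,no_root_squash)
/srv/docs      172.20.14.0/24(ro,sync)
"""

OUTSIDE_NET = "client not confined to the private network"
ROOT_NOT_SQUASHED = "no_root_squash granted to a host other than the LDAP server"

# One client entry is host(options); either part may be missing.
CLIENT_SPEC = re.compile(r"^([^()]*)(?:\(([^()]*)\))?$")


def parse_exports(text):
    """Yield (path, client, options) for every client of every export line."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        path, *specs = line.split()
        # Assumption for a conservative audit: a bare path or an empty host
        # part is treated as an export to everyone ("*").
        for spec in specs or ["*"]:
            match = CLIENT_SPEC.match(spec)
            if match is None:
                yield path, spec, set()
                continue
            client = match.group(1) or "*"
            options = set(filter(None, (match.group(2) or "").split(",")))
            yield path, client, options


def audit_exports(text, private_net, root_allowed):
    """Return a list of (path, client, reason) policy violations.

    private_net  -- the only network allowed to reach the NFS service
    root_allowed -- the single address that may keep root (the LDAP server)
    """
    net = ipaddress.ip_network(private_net)
    trusted = ipaddress.ip_address(root_allowed)
    findings = []
    for path, client, options in parse_exports(text):
        try:
            client_net = ipaddress.ip_network(client, strict=False)
        except ValueError:
            # Wildcards, hostnames and netgroups cannot be proven to stay
            # inside the private network, so they are reported.
            client_net = None
        confined = (client_net is not None
                    and client_net.version == net.version
                    and client_net.subnet_of(net))
        if not confined:
            findings.append((path, client, OUTSIDE_NET))
        # root_squash is the default, so only an explicit no_root_squash matters.
        if "no_root_squash" in options:
            single_trusted_host = (client_net is not None
                                   and client_net.num_addresses == 1
                                   and client_net.network_address == trusted)
            if not single_trusted_host:
                findings.append((path, client, ROOT_NOT_SQUASHED))
    return findings


if __name__ == "__main__":
    for finding in audit_exports(SAMPLE_EXPORTS, "192.168.14.0/24", "192.168.14.4"):
        print("%s  %s  %s" % finding)
```

Entries written with hostnames are reported because the check cannot tell where a name resolves; list clients by address or network in the exports file if you want them to pass.<br />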
<br />
==LDAP Server - on VM rns-ldap==<br />
:* LDAP Base Name – <yourdomain>.ops, where <yourdomain> is your assigned domain.<br />
:* This VM will act as an LDAPs server and provide user and group information to your other VMs.<br />
:* Other students' VMs in the virtual lab must not be able to contact this service.<br />
<br />
==Network, firewall, and SELinux==<br />
:* All your VMs must be accessible to each other via the private network.<br />
:* Do not allow DNS queries from any VMs in your network to any DNS servers in the lab except your caching-only DNS server.<br />
:* SELinux must be turned on and run in enforcing mode on all of your VMs. You may need to configure the SELinux booleans accordingly.<br />
:* Your VM1 must use iptables.service and VM2 to VM4 must use firewalld.service as their firewall. For firewalld.service, the ens192 interface should be set up in the 'public' zone and the ens224 interface should be set up in the ‘work’ zone. In addition to ssh traffic, your firewalls should only allow the traffic necessary to fulfil the roles described above.<br />
<br />
==Method of implementation==<br />
* Do not configure the required services manually with the CLI; all configuration must be done using one of the following automation frameworks:<br />
** customized bash script with ssh, or<br />
** fabric tasks, or<br />
** ansible playbook.<br />
<br />
= Changes Log =<br />
Due to the dynamic and volatile nature of the IT industry, this assignment specification may be changed on a daily basis to reflect the changing environment. All changes and modifications to this assignment requirement will be posted here. This requirement document will be frozen at least three days before the due date.<br />
* Released on Feb 10, 2021.<br />
<br />
=Grading=<br />
Shortly before the due date I will post a rubric on blackboard. On the due date I will <br />
:* provide a script that will gather information from your VMs and create a tar file from them. You will upload that tar file to blackboard with your automation scripts/files.<br />
:* run a test script from any machine in the virtual lab to scan and test all the required services you should provide. <br />
:* perform a disaster recovery test - one of your VMs will be reset to its baseline condition/configuration and you have 30 minutes to apply your automation script(s) to bring it back to the level this assignment requires.<br />
<br />
=Questions=<br />
If you have any questions about this assignment, please talk to your professor before the due date.</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=OPS535_A1&diff=155054OPS535 A12021-06-04T15:57:51Z<p>Rchan: </p>
<hr />
<div>[[Category:OPS535]][[Category:rchan]][[Category:peter.callaghan]]<br />
= Specification =<br />
* [[ops535 online a1 | Assignment 1 - Summer 2021]] - Due on Tuesday, June 22, 2021</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=OPS435_Online_Assignment_1&diff=155051OPS435 Online Assignment 12021-06-03T14:45:08Z<p>Rchan: </p>
<hr />
<div>[[Category:OPS435-Python]][[Category:rchan]]<br />
= Overview =<br />
When applying for a bank account, accepting a job, or some other activity that is personal, it may involve the processing of someone's date of birth. It is critical for this type of data to be validated before being processed by a computation system. <br />
<br />
The task for this assignment is to design an <b>algorithm</b> and write a python script to validate a given string in various forms as the date of birth of someone and convert it into a standard format. The DOB (date of birth) conversion script should take a date in one of the following four formats: "YYYYMMDD", "YYYY/MM/DD", "YYYY-MM-DD", and "YYYY.MM.DD" format and return the date in a standard format: "mmm d, yyyy", where "mmm" is the three-letter abbreviated month name, 'd' is a one or two-digit day of the month, and 'yyyy' is the four-digit year. That is, if the user enters "20210604", or "2021-06-04", or "2021/06/04", or "2021.06.04", the script will return "Jun 4, 2021". More examples to follow.<br />
<br />
= Assignment Requirements =<br />
== The First Checkpoint (Jun 9) ==<br />
* Before you begin coding in Python, it is important to plan your algorithm. Therefore your first task will be to complete and submit an algorithm document. This document should be named '''algorithm_[Seneca_name].txt'''. This file should be plaintext. The document will contain two sections:<br />
:* A description of how your main program works. The main program flow is provided to you in a1_template.py. Open the file, and use clear and simple English to describe what each line of code does in such a way that a competent Python coder could reproduce the code without seeing it first hand.<br />
:* You will then apply the same principles to create an <b>algorithm</b> for each validation function named in the a1_template.py file. Inside the code, if you are calling another function like "leap_year()", you may simply describe what the function will return, and not the operation of the function itself. <br />
* This file should be submitted to Blackboard by Jun 9, 2021, and should be your first priority. The objective of the first checkpoint is not to have a 100% perfect algorithm, but to plan ahead and anticipate challenges and issues with the assignment. The first checkpoint will also allow your professor an opportunity to give you feedback before the assignment overall due date.<br />
* [https://simple.m.wikipedia.org/wiki/Algorithm Here is a basic introduction to algorithms]<br />
* While you are working on the step-by-step instructions, note that there are different number of days in each month and some years have 365 days and some years have 366 days.<br />
* Since we don't think we are going to encounter someone who is 120 years or older, your algorithm can consider a date of birth before year 1900 as invalid. Could you think of other limits you should impose on someone's date of birth?<br />
<br />
== The 2nd Checkpoint - your drafted Python Script (Jun 16) ==<br />
* As stated before, your code will be inside the file "a1_[Seneca_name].py". The first step will be to clone the Assignment 1 template repository (https://github.com/rayfreeping/ops435-a1). Once you clone the repository, run this command: "cp a1_template.py a1_[Seneca_name].py". (Replace Seneca_name with your Seneca account user name). Begin coding your algorithm into Python code that is required. Additional requirements are outlined below.<br />
* You should update the author and date information in your Python script.<br />
* Your Python script file a1_[Seneca_name].py should be submitted to Blackboard by Jun 16, 2021.<br />
* The script doesn't have to be perfect and error free. However, it shouldn't contain any syntax errors when executed.<br />
* This interim submission is just to show that you are actively working on your assignment.<br />
<br />
== The Final submission with preliminary test results (Jun 21) ==<br />
* Run the preliminary test script named "checkA1.py" in the "tests" sub-folder of the ops435-a1 repository mentioned above.<br />
* Please read the readme.txt in the tests sub-folder for more information on the purpose of the preliminary test script.<br />
* When you are satisfied with the test result, capture the test result to a file named a1_pretest.txt and submit it together with your Python script a1_[Seneca_name].py to Blackboard by Jun 21, 2021.<br />
<br />
== Python Coding Requirements ==<br />
=== Required Modules and Functions ===<br />
<b><font color='blue'>Your python script is allowed to call all the built-in functions and the functions imported from the <u>os, subprocess and sys</u> modules from the standard library.</font></b><br />
<br />
Based on the algorithm you have designed for this assignment, you should at least have the following five functions defined in your python script (see later section on the purpose of each function):<br />
* leap_year()<br />
* range_check()<br />
* sanitize()<br />
* size_check()<br />
* usage()<br />
<br />
=== Coding Standard ===<br />
Your python script must follow the following coding guide:<br />
* [https://www.python.org/dev/peps/pep-0008/ PEP-8 -- Style Guide for writing Python Code]<br />
<br />
=== Command Line Argument to be supported ===<br />
* Your Python script must accept only one command line argument: date. Input date in the following format with correct values of YYYY, MM, and DD should be considered as valid input data:<br />
** <code>YYYYMMDD</code><br />
** <code>YYYY/MM/DD</code><br />
** <code>YYYY-MM-DD</code><br />
** <code>YYYY.MM.DD</code> <br />
* If there is no argument, more than one argument, or an invalid year, month, or day, your script should display the appropriate usage message, error code, and exit.<br />
<br />
=== Documentation ===<br />
* Please use python's docstring to document your python script <br />
** script level documentation, and <br />
** function level documentation for each function you created for this assignment. <br />
* The docstring should describe 'what' the function does, not 'how' it does it.<br />
<br />
=== Authorship Declaration ===<br />
All your Python code for this assignment must be placed in a <font color='red'><b><u>single source python file</u></b></font>. Please complete the declaration <b><u>as part of the docstring</u></b> in your Python source code file (replace "Student Name" with your own name).<br />
<br />
=== Github Commits === <br />
You will be graded partly on the quality and transaction activities of your Github commits. Professionals generally follow these guidelines:<br />
* commit their code after every significant change, <br />
* the code should run without syntax errors after each commit, and<br />
* every commit has a descriptive commit message.<br />
These guidelines are not always possible, but you are expected to follow these guidelines as much as possible. Break the assigned task into smaller pieces, and work iteratively to solve each small task. Test your code after each small change you made, and address errors as soon as they arise. It will make your coding life easier!<br />
<br />
== Tests and Test results ==<br />
You must name your python 3 script as <code>a1_[Seneca_name].py</code>. The following examples assume that the Seneca_name is rchan. The script should accept one command line argument, the argument can be either in "YYYYMMDD", "YYYY/MM/DD", "YYYY-MM-DD", or "YYYY.MM.DD" format. If the input data does not represent a real date, your script should give an appropriate error message. Invalid months (>12) or invalid days of the month (different for each month, and if the month is February, the year matters too) should be detected and give appropriate error messages. For example:<br />
* <b><code>python3 a1_rchan.py 2020-10-10</code></b>, and the output should be<br /><br />
Oct 10, 2020<br />
* <b><code>python3 a1_rchan.py 2020-10-09</code></b>, and the output should be<br /><br />
Oct 9, 2020<br />
* <b><code>python3 a1_rchan.py 2020-06-30</code></b>, and the output should be<br /><br />
Jun 30, 2020<br />
* <b><code>python3 a1_rchan.py 20201010</code></b>, and the output should be<br /><br />
Oct 10, 2020<br />
* <b><code>python3 a1_rchan.py 2020/10/10</code></b>, and the output should be<br /><br />
Oct 10, 2020<br />
* <b><code>python3 a1_rchan.py 2020.02.29</code></b>, and the output should be<br /><br />
Feb 29, 2020<br />
* <b><code>python3 a1_rchan.py 2019.02.29</code></b>, and the output should be<br /><br />
Error 03: wrong day entered<br />
* <b><code>python3 a1_rchan.py 2019.13.12</code></b>, and the output should be<br /><br />
Error 02: wrong month entered<br />
* <b><code>python3 a1_rchan.py 2019.06.31</code></b>, and the output should be<br /><br />
Error 03: wrong day entered<br />
* <b><code>python3 a1_rchan.py 201802</code></b>, and the output should be<br /><br />
Error 09: wrong date entered<br />
* <b><code>python3 a1_rchan.py 18981225</code></b>, and the output should be <br /><br />
Error 10: year out of range, must be 1900 or later<br />
* <b><code>python3 a1_rchan.py 18981299</code></b>, and the output should be <br /><br />
Error 10: year out of range, must be 1900 or later<br />
* <b><code>python3 a1_rchan.py 189802</code></b>, and the output should be<br /><br />
Error 09: wrong date entered<br />
<br />
<br />
If too few or too many command line arguments are given, display the proper usage:<br />
* <code>Usage: a1_rchan.py YYYYMMDD|YYYY/MM/DD|YYYY-MM-DD|YYYY.MM.DD </code><br />
<br />
== Script structure and sample template ==<br />
<br />
The following is a brief description of each function:<br />
* The leap_year() function will take a year in "YYYY" format, and return True if the given year is a leap year, otherwise return False.<br />
* The range_check() function will take an integer object and a tuple with two integer values, the first value indicates the lower bound and the second one indicates the upper bound of an integer range. If the integer object falls in between the range given in the tuple, return 'True', otherwise return 'False'.<br />
* The sanitize() function will take two string objects, the first string object is the object to be sanitized, and the 2nd string object contains letters that are allowed. This function will return the first object with letters not in the 2nd string object removed.<br />
* The size_check() function will take a collection data type object and the expected number of items as an integer and will return either 'True' or 'False'. If the number of items in the data object matches the integer value given, return 'True', otherwise return 'False'.<br />
* The usage() function will take no argument and return a string describing the usage of the script.<br />
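One way the five functions can fit together, as an added example that is not the course's a1_template.py: the input is accepted only if it round-trips through one of the four layouts, and the checks then run in the order that reproduces the error messages listed above. parse_layout(), dob_to_standard(), the numeric return codes and the upper year bound of 9999 are assumptions of this example.<br />

```python
import os
import sys

DIGITS = "0123456789"      # ASCII digits only, so full-width digits are rejected
SEPARATORS = "/-."
MONTH_NAMES = ("Jan", "Feb", "Mar", "Apr", "May", "Jun",
               "Jul", "Aug", "Sep", "Oct", "Nov", "Dec")
YEAR_RANGE = (1900, 9999)  # lower bound from the page; upper bound is an assumption


def usage():
    """Return the usage line for this script."""
    name = os.path.basename(sys.argv[0])
    return "Usage: " + name + " YYYYMMDD|YYYY/MM/DD|YYYY-MM-DD|YYYY.MM.DD"


def leap_year(year):
    """Return True if year (int or 'YYYY' string) is a leap year."""
    year = int(year)
    return year % 4 == 0 and (year % 100 != 0 or year % 400 == 0)


def range_check(value, bounds):
    """Return True if bounds[0] <= value <= bounds[1]."""
    return bounds[0] <= value <= bounds[1]


def sanitize(text, allowed):
    """Return text with every character not found in allowed removed."""
    return "".join(ch for ch in text if ch in allowed)


def size_check(items, expected):
    """Return True if items holds exactly expected elements."""
    return len(items) == expected


def parse_layout(raw):
    """Return the 8 digits of raw if it matches a supported layout, else None.

    Hypothetical helper: rebuilding each layout from the sanitized digits and
    comparing it with the input rejects stray letters and mixed separators
    instead of silently dropping them.
    """
    digits = sanitize(raw, DIGITS)
    if not size_check(digits, 8):
        return None
    if raw == digits:
        return digits
    for sep in SEPARATORS:
        if raw == sep.join((digits[:4], digits[4:6], digits[6:])):
            return digits
    return None


def dob_to_standard(raw):
    """Return (code, text): code 0 with 'mmm d, yyyy', or an error number and message."""
    digits = parse_layout(raw)
    if digits is None:
        return 9, "Error 09: wrong date entered"
    year, month, day = int(digits[:4]), int(digits[4:6]), int(digits[6:])
    if not range_check(year, YEAR_RANGE):
        return 10, "Error 10: year out of range, must be 1900 or later"
    if not range_check(month, (1, 12)):
        return 2, "Error 02: wrong month entered"
    if month == 2:
        last_day = 29 if leap_year(year) else 28
    else:
        last_day = 30 if month in (4, 6, 9, 11) else 31
    if not range_check(day, (1, last_day)):
        return 3, "Error 03: wrong day entered"
    return 0, "%s %d, %d" % (MONTH_NAMES[month - 1], day, year)


def main(argv):
    """Print the result for argv[1]; print the usage line on a wrong argument count."""
    if not size_check(argv, 2):
        print(usage())
        return 1
    code, text = dob_to_standard(argv[1])
    print(text)
    return code


if __name__ == "__main__":
    # Constructed sample inputs; a real script would end with sys.exit(main(sys.argv)).
    for sample in ("2020-10-09", "2019.02.29", "18981299", "2020-10/10"):
        main(["a1_demo.py", sample])
```

Because the year is checked before the month and day, 18981299 reports Error 10 rather than a day error, which matches the expected output listed above.<br />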
<br />
= Rubric =<br />
<br />
{| class="wikitable" border="1"<br />
! Task !! Maximum mark !! Actual mark<br />
|-<br />
| Program Authorship Declaration || 5 ||<br />
|-<br />
| Check script passed || 30 ||<br />
|-<br />
| size_check() function design || 4 ||<br />
|-<br />
| sanitize() function design || 4 ||<br />
|-<br />
| leap_year() function design || 4 ||<br />
|-<br />
| range_check() function design || 4 ||<br />
|-<br />
| usage() function design || 4 ||<br />
|-<br />
| script level docstring || 5 ||<br />
|-<br />
| function level docstring || 5 ||<br />
|-<br />
| First Checkpoint ||10||<br />
|-<br />
| Second Checkpoint || 10 ||<br />
|-<br />
| github.com repository: Commit messages and use ||15||<br />
|-<br />
|'''Total''' || 100 || <br />
<br />
|}<br />
<br />
= Due Date and Final Submission requirement =<br />
<br />
Check with your professor for the due date for your section.<br />
<br />
Please submit the following files by the due date:<br />
* [ ] your algorithm document, named as 'algorithm_[Seneca_name].txt', to Blackboard.<br />
* [ ] your python script, named as 'a1_[Seneca_name].py', should be included in your repository, and also '''submitted to Blackboard.'''<br />
* [ ] the output of the checking script checkA1.py, named as 'a1_pretest.txt', should be included in your repository, and also '''submitted to Blackboard.'''</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=OPS435_Assignment_1&diff=155050OPS435 Assignment 12021-06-03T14:26:09Z<p>Rchan: </p>
<hr />
<div>'''OPS435 Assignment 1 for Summer 2021'''</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=OPS535-vl-lab-nfs&diff=155049OPS535-vl-lab-nfs2021-06-02T18:25:13Z<p>Rchan: /* Task 1 : Configure ssh key-based authentication on VM1 */</p>
<hr />
<div>[[Category: OPS535]][[Category: OPS535-Labs]][[Category: rchan]]<br />
=OPS535 Lab 2 (using Virtual Lab)=<br />
== Objectives ==<br />
* Setup and configure private network for your assigned VMs in the OPS535 Virtual Lab for this lab, future labs, and assignments<br />
* Configure VM1 as your control workstation for performing remote administration tasks on VM[2-4]<br />
* Create and deploy remote administration scripts using bash/ansible<br />
<br />
==Pre-Requisites==<br />
:*Has access to Seneca VPN, and matrix.senecacollege.ca<br />
:*Complete the collection of baseline information on your assigned VMs (VM1, VM2, VM3, and VM4)<br />
:*Complete the [[OPS535-lab-nfs | Lab 2 - NFS lab]] on your home VMs<br />
<br />
==Investigation 1: VMs Configuration==<br />
=== Background ===<br />
Make sure you have ssh access to your assigned VMs from matrix.senecacollege.ca using the port numbers, user name, and the corresponding password given on Blackboard via the router ops535.myvmlab.senecacollege.ca. The access router (ops535.myvmlab.senecacollege.ca) maps the ports (9xxy) to the corresponding internal IP addresses (172.20.xx.y) of your VMs. Note that 'xx' is your assigned network number, and 'y' is the VM number. The following are the port mapping and the network configuration you should have on each VM. The values shown in the table are for the student with network number '14':<br />
<br />
{| class="wikitable" style="margin-left:50px; border: 2px solid black;"<br />
|- style="font-weight:bold; text-align:center;"<br />
| style="border: 2px solid black;" | VM<br />
| style="border: 2px solid black;" | Port<br />
| style="border: 2px solid black;" | ens192 ip<br />
| style="border: 2px solid black;" | ens224 ip<br />
| style="border: 2px solid black;" | ens256 ip<br />
| style="border: 2px solid black;" | hostname<br />
|-<br />
| style="background-color:#ffff00; border: 2px solid black;" | VM y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 9xxy<br />
| style="background-color:#ffff00; border: 2px solid black;" | 172.20.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 192.168.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM 1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9141<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | do-not-use<br />
| style="background-color:#66cccc; border: 2px solid black;" | router<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM 2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9142<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | pri-dns<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM 3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9143<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | none<br />
| style="background-color:#66cccc; border: 2px solid black;" | co-nfs<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM 4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9144<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | rns-ldap<br />
|}<br />
<br />
=== Task 1 : setup and configure VM1 ===<br />
* ssh to your VM1 from matrix<br />
<pre><br />
ssh -p 9141 student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on the network device 'ens192'.<br />
* run the 'nmtui' command under sudo and configure the network device '''ens224''' with the appropriate IP address (192.168.xx.1) as shown.<br />
* run the 'nmtui' command to set the hostname<br />
* install the 'epel-release' package<br />
* install the 'ansible' package<br />
* install the 'git' package<br />
* install the 'wget' package<br />
* run the command to update all the packages installed on the system<br />
<br />
=== Task 2: setup and configure VM2 - VM4 ===<br />
* ssh from matrix to your VM2 - VM4, replace [2-4] with 2, 3, or 4:<br />
<pre><br />
ssh -p 914[2-4] student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on the network device 'ens192'<br />
* run the 'nmtui' command under sudo and configure the network device '''ens224''' with the appropriate IP address as shown in the table above.<br />
* run the 'nmtui' command to set the hostname<br />
<br />
==Investigation 2: Control Workstation Configuration==<br />
===Background===<br />
You will configure VM1 as the control workstation for performing remote administration tasks on your VM2 - VM4. The preferred method is to configure your control workstation to use ssh key-based authentication when connecting to your VM2 - VM4 remotely. If you are planning to use ansible to perform remote configuration, you need to set up the inventory file for ansible.<br />
<br />
=== Task 1 : Configure ssh key-based authentication on VM1 ===<br />
* login to your VM 1 as 'student'.<br />
* add the following IP address to hostname/FQDN mapping to the /etc/hosts file:<br />
<pre><br />
192.168.xx.1 router router.<your dns domain><br />
192.168.xx.2 pri-dns pri-dns.<your dns domain><br />
192.168.xx.3 co-nfs co-nfs.<your dns domain><br />
192.168.xx.4 rns-ldap rns-ldap.<your dns domain><br />
</pre><br />
* run the 'ssh-keygen' to generate the public-private key pair for key-based authentication<br />
* run the following commands to copy the public key to VM2 - VM4.<br />
:* for VM2<br />
<pre><br />
ssh-copy-id -i ~/.ssh/id_rsa.pub student@pri-dns<br />
</pre><br />
:* for VM3<br />
<pre><br />
ssh-copy-id -i ~/.ssh/id_rsa.pub student@co-nfs<br />
</pre><br />
:* for VM4<br />
<pre><br />
ssh-copy-id -i ~/.ssh/id_rsa.pub student@rns-ldap<br />
</pre><br />
* verify and confirm that you can ssh to your VM2, VM3, and VM4 as 'student' without password.<br />
<br />
=== Task 2: Configure ansible's inventory file ===<br />
* login to your VM1 (router) as 'student'<br />
* Using the following as a template, add your VM2 to VM4 information to the end of /etc/ansible/hosts:<br />
<pre><br />
[your dns domain]<br />
pri-dns.<your dns domain> ansible_host=192.168.xx.2<br />
co-nfs.<your dns domain> ansible_host=192.168.xx.3<br />
rns-ldap.<your dns domain> ansible_host=192.168.xx.4<br />
</pre><br />
* The following is an example for student with domain name stud14.ops and network number 14:<br />
<pre><br />
[stud14.ops]<br />
pri-dns.stud14.ops ansible_host=192.168.14.2<br />
co-nfs.stud14.ops ansible_host=192.168.14.3<br />
rns-ldap.stud14.ops ansible_host=192.168.14.4<br />
</pre><br />
* create the directory ops535 and the lab subdirectories shown below under user student's home directory in VM1<br />
<pre><br />
student<br />
└── ops535<br />
    ├── a1<br />
    ├── lab2<br />
    ├── lab3<br />
    └── lab4<br />
</pre><br />
* change the working directory to ~student/ops535/lab2, and run the following commands to gather useful variables about remote hosts that can be used in ansible playbooks:<br />
:* for remote host: vm2<br />
<pre><br />
ansible pri-dns.<your dns domain> -m setup > pri-dns-setup.txt<br />
</pre><br />
:* for remote host: vm3<br />
<pre><br />
ansible co-nfs.<your dns domain> -m setup > co-nfs-setup.txt<br />
</pre><br />
:* for remote host: vm4<br />
<pre><br />
ansible rns-ldap.<your dns domain> -m setup > rns-ldap-setup.txt<br />
</pre><br />
<br />
==Investigation 3: Scripts for remote administrations==<br />
=== Task 1 ===<br />
Based on [[OPS535-lab-nfs|Lab 2 - NFS lab]], write a bash script named "lab2-nfs-setup.bash" to perform the following tasks on VM3 (co-nfs):<br />
* move the network interface ens224 from firewalld's public zone to internal zone<br />
* install the nfs-utils rpm package if it has not already been installed<br />
* create an nfs share directory named '/nfs-pub' with mode '1777'<br />
* update the /etc/exports as required in [[OPS535-lab-nfs|Lab 2 - NFS lab]]<br />
* enable the nfs-server service if it has not already been enabled<br />
* start the nfs-server service if it has not already been started<br />
* update firewalld's internal zone to allow nfs service<br />
* update firewalld's internal zone to allow nfs3 server service<br />
* update firewalld's internal zone to allow rpc-bind service<br />
* save the script to ~student/lab2/scripts/lab2-nfs-setup.bash<br />
<br />
=== Task 2 ===<br />
Create an ansible playbook named "config-nfs.yml" to perform the same tasks as mentioned in task 1.<br />
* save the ansible playbook to ~student/lab2/playbook/config-nfs.yml<br />
* Run the playbook and capture the output to a file named lab2_inv3_task2.txt in the directory ~student/lab2/log/<br />
<br />
==Completing the Lab==<br />
Follow the instructions on blackboard to submit the lab by the due date.</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=OPS535-vl-lab-nfs&diff=155036OPS535-vl-lab-nfs2021-05-31T12:10:14Z<p>Rchan: /* Task 2 */</p>
<hr />
<div>[[Category: OPS535]][[Category: OPS535-Labs]][[Category: rchan]]<br />
=OPS535 Lab 2 (using Virtual Lab)=<br />
== Objectives ==<br />
* Setup and configure private network for your assigned VMs in the OPS535 Virtual Lab for this lab, future labs, and assignments<br />
* Configure VM1 as your control workstation for performing remote administration tasks on VM[2-4]<br />
* Create and deploy remote administration scripts using bash/ansible<br />
<br />
==Pre-Requisites==<br />
:*Has access to Seneca VPN, and matrix.senecacollege.ca<br />
:*Complete the collection of baseline information on your assigned VMs (VM1, VM2, VM3, and VM4)<br />
:*Complete the [[OPS535-lab-nfs | Lab 2 - NFS lab]] on your home VMs<br />
<br />
==Investigation 1: VMs Configuration==<br />
=== Background ===<br />
Make sure you have ssh access to your assigned VMs from matrix.senecacollege.ca using the port numbers, user name, and the corresponding password given on Blackboard via the router ops535.myvmlab.senecacollege.ca. The access router (ops535.myvmlab.senecacollege) maps the ports (9xxy) to the corresponding internal IP addresses (172.20.xx.y) of your VMs. Note that 'xx' is your assigned network number, and 'y' is the VM number. The following are the port mappings and the network configuration you should have on each VM. The values shown in the table are for the student with network number '14':<br />
<br />
{| class="wikitable" style="margin-left:50px; border: 2px solid black;"<br />
|- style="font-weight:bold; text-align:center;"<br />
| style="border: 2px solid black;" | VM<br />
| style="border: 2px solid black;" | Port<br />
| style="border: 2px solid black;" | ens192 ip<br />
| style="border: 2px solid black;" | ens224 ip<br />
| style="border: 2px solid black;" | ens256 ip<br />
| style="border: 2px solid black;" | hostname<br />
|-<br />
| style="background-color:#ffff00; border: 2px solid black;" | VM y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 9xxy<br />
| style="background-color:#ffff00; border: 2px solid black;" | 172.20.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 192.168.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM 1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9141<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | do-not-use<br />
| style="background-color:#66cccc; border: 2px solid black;" | router<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM 2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9142<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | pri-dns<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM 3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9143<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | none<br />
| style="background-color:#66cccc; border: 2px solid black;" | co-nfs<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM 4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9144<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | rns-ldap<br />
|}<br />
<br />
=== Task 1 : setup and configure VM1 ===<br />
* ssh to your VM1 from matrix<br />
<pre><br />
ssh -p 9141 student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on the network device 'ens192'.<br />
* run the 'nmtui' command under sudo and configure the network device '''ens224''' with the appropriate IP address (192.168.xx.1) as shown.<br />
* run the 'nmtui' command to set the hostname<br />
* install the 'epel-release' package<br />
* install the 'ansible' package<br />
* install the 'git' package<br />
* install the 'wget' package<br />
* run the command to update all the packages installed on the system<br />
<br />
=== Task 2: setup and configure VM2 - VM4 ===<br />
* ssh from matrix to your VM2 - VM4, replace [2-4] with 2, 3, or 4:<br />
<pre><br />
ssh -p 914[2-4] student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on the network device 'ens192'<br />
* run the 'nmtui' command under sudo and configure the network device '''ens224''' with the appropriate IP address as shown in the table above.<br />
* run the 'nmtui' command to set the hostname<br />
<br />
==Investigation 2: Control Workstation Configuration==<br />
===Background===<br />
You will configure VM1 as the control workstation for performing remote administration tasks on your VM2 - VM4. The preferred method is to configure your control workstation to use ssh key-based authentication when connecting to your VM2 - VM4 remotely. If you are planning to use ansible to perform remote configuration, you need to set up the inventory file for ansible.<br />
<br />
=== Task 1 : Configure ssh key-based authentication on VM1 ===<br />
* login to your VM 1 as 'student'.<br />
* add the following IP address to hostname/FQDN mapping to the /etc/hosts file:<br />
<pre><br />
192.168.xx.1 router router.<your dns domain><br />
192.168.xx.2 pri-dns pri-dns.<your dns domain><br />
192.168.xx.3 co-nfs co-nfs.<your dns domain><br />
192.168.xx.4 rns-ldap rns-ldap.<your dns domain><br />
</pre><br />
* run the 'ssh-keygen' to generate the public-private key pair for key-based authentication<br />
* run the following commands to copy the public key to VM2 - VM4.<br />
:* for VM2<br />
<pre><br />
ssh-copy-id -i ~/.ssh/id_rsa.pub student@pri-dns<br />
</pre><br />
:* for VM3<br />
<pre><br />
ssh-copy-id -i ~/.ssh/id_rsa.pub student@co-nfs<br />
</pre><br />
:* for VM4<br />
<pre><br />
ssh-copy-id -i ~/.ssh/id_rsa.pub student@rns-ldap<br />
</pre><br />
* verify and confirm that you can ssh to your VM2, VM3, and VM4 as 'student' without using a password.<br />
<br />
=== Task 2: Configure ansible's inventory file ===<br />
* login to your VM1 (router) as 'student'<br />
* Using the following as a template, add your VM2 to VM4 information to the end of /etc/ansible/hosts:<br />
<pre><br />
[your dns domain]<br />
pri-dns.<your dns domain> ansible_host=192.168.xx.2<br />
co-nfs.<your dns domain> ansible_host=192.168.xx.3<br />
rns-ldap.<your dns domain> ansible_host=192.168.xx.4<br />
</pre><br />
* The following is an example for student with domain name stud14.ops and network number 14:<br />
<pre><br />
[stud14.ops]<br />
pri-dns.stud14.ops ansible_host=192.168.14.2<br />
co-nfs.stud14.ops ansible_host=192.168.14.3<br />
rns-ldap.stud14.ops ansible_host=192.168.14.4<br />
</pre><br />
* create the directory ops535 and the lab subdirectories shown below under user student's home directory in VM1<br />
<pre><br />
student<br />
└── ops535<br />
    ├── a1<br />
    ├── lab2<br />
    ├── lab3<br />
    └── lab4<br />
</pre><br />
* change the working directory to ~student/ops535/lab2, and run the following commands to gather useful variables about remote hosts that can be used in ansible playbooks:<br />
:* for remote host: vm2<br />
<pre><br />
ansible pri-dns.<your dns domain> -m setup > pri-dns-setup.txt<br />
</pre><br />
:* for remote host: vm3<br />
<pre><br />
ansible co-nfs.<your dns domain> -m setup > co-nfs-setup.txt<br />
</pre><br />
:* for remote host: vm4<br />
<pre><br />
ansible rns-ldap.<your dns domain> -m setup > rns-ldap-setup.txt<br />
</pre><br />
<br />
==Investigation 3: Scripts for remote administrations==<br />
=== Task 1 ===<br />
Based on [[OPS535-lab-nfs|Lab 2 - NFS lab]], write a bash script named "lab2-nfs-setup.bash" to perform the following tasks on VM3 (co-nfs):<br />
* move the network interface ens224 from firewalld's public zone to internal zone<br />
* install the nfs-utils rpm package if it has not already been installed<br />
* create an nfs share directory named '/nfs-pub' with mode '1777'<br />
* update the /etc/exports as required in [[OPS535-lab-nfs|Lab 2 - NFS lab]]<br />
* enable the nfs-server service if it has not already been enabled<br />
* start the nfs-server service if it has not already been started<br />
* update firewalld's internal zone to allow nfs service<br />
* update firewalld's internal zone to allow nfs3 server service<br />
* update firewalld's internal zone to allow rpc-bind service<br />
* save the script to ~student/lab2/scripts/lab2-nfs-setup.bash<br />
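One way to write the check-before-change steps listed above, as an added example rather than the course's own solution. The helper names, the <code>DRY_RUN</code> switch (default: print the plan only), the use of <code>yum</code>, and the sample <code>EXPORT_LINE</code> for network number 14 are assumptions; take the real export line from Lab 2.

```shell
#!/bin/bash
# Added example (not the course's reference solution): idempotent NFS server
# setup for VM3 (co-nfs). Each step checks the current state before changing it.
set -eu

DRY_RUN="${DRY_RUN:-1}"        # 1 = print the plan only; 0 = apply (needs root)
ZONE=internal
IFACE=ens224
SHARE=/nfs-pub
EXPORTS="${EXPORTS:-/etc/exports}"
# Constructed sample for network number 14; replace with the line Lab 2 requires.
EXPORT_LINE="${EXPORT_LINE:-/nfs-pub 192.168.14.0/24(rw,sync)}"
fw_changed=0

# already CHECK...: succeeds when the state check passes. In dry-run mode every
# check is treated as failing, so the complete plan is printed.
already() {
    [ "$DRY_RUN" = 1 ] && return 1
    "$@" >/dev/null 2>&1
}

# run CMD...: log the command, and execute it unless in dry-run mode.
run() {
    printf '+ %s\n' "$*"
    [ "$DRY_RUN" = 1 ] || "$@"
}

mode_is()       { [ "$(stat -c %a "$1")" = "$2" ]; }
append_export() { printf '%s\n' "$EXPORT_LINE" >> "$EXPORTS"; }

ensure_interface_zone() {
    already firewall-cmd --zone="$ZONE" --query-interface="$IFACE" && return 0
    run firewall-cmd --permanent --zone="$ZONE" --change-interface="$IFACE"
    fw_changed=1
}

ensure_package() {
    already rpm -q "$1" || run yum -y install "$1"
}

ensure_share() {
    already test -d "$SHARE" || run mkdir -p "$SHARE"
    # Sticky bit (1xxx): users may delete only their own files in the share.
    already mode_is "$SHARE" 1777 || run chmod 1777 "$SHARE"
}

ensure_export() {
    # Append only when the exact line is missing, so reruns do not duplicate it.
    already grep -qxF -- "$EXPORT_LINE" "$EXPORTS" || run append_export
}

ensure_service() {
    already systemctl is-enabled "$1" || run systemctl enable "$1"
    already systemctl is-active "$1"  || run systemctl start "$1"
}

ensure_fw_service() {
    already firewall-cmd --zone="$ZONE" --query-service="$1" && return 0
    run firewall-cmd --permanent --zone="$ZONE" --add-service="$1"
    fw_changed=1
}

setup_nfs() {
    if [ "$DRY_RUN" != 1 ] && [ "$(id -u)" -ne 0 ]; then
        echo "must run as root when DRY_RUN=0" >&2
        return 1
    fi
    ensure_interface_zone
    ensure_package nfs-utils
    ensure_share
    ensure_export
    ensure_service nfs-server
    for svc in nfs nfs3 rpc-bind; do ensure_fw_service "$svc"; done
    # Permanent rules reach the running firewall only after a reload.
    [ "$fw_changed" = 0 ] || run firewall-cmd --reload
    run exportfs -ra      # re-read the exports file (safe to repeat)
}

setup_nfs
```

Review the printed plan first, then apply it on VM3 as root with <code>DRY_RUN=0</code>; a second run should print only the <code>exportfs -ra</code> line.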
<br />
=== Task 2 ===<br />
Create an ansible playbook named "config-nfs.yml" to perform the same tasks as mentioned in task 1.<br />
* save the ansible playbook to ~student/lab2/playbook/config-nfs.yml<br />
* Run the playbook and capture the output to a file named lab2_inv3_task2.txt in the directory ~student/lab2/log/<br />
<br />
==Completing the Lab==<br />
Follow the instructions on blackboard to submit the lab by the due date.</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=OPS535-vl-lab-nfs&diff=155035OPS535-vl-lab-nfs2021-05-31T12:09:46Z<p>Rchan: /* Task 2 */</p>
<hr />
<div>[[Category: OPS535]][[Category: OPS535-Labs]][[Category: rchan]]<br />
=OPS535 Lab 2 (using Virtual Lab)=<br />
== Objectives ==<br />
* Setup and configure private network for your assigned VMs in the OPS535 Virtual Lab for this lab, future labs, and assignments<br />
* Configure VM1 as your control workstation for performing remote administration tasks on VM[2-4]<br />
* Create and deploy remote administration scripts using bash/ansible<br />
<br />
==Pre-Requisites==<br />
:*Has access to Seneca VPN, and matrix.senecacollege.ca<br />
:*Complete the collection of baseline information on your assigned VMs (VM1, VM2, VM3, and VM4)<br />
:*Complete the [[OPS535-lab-nfs | Lab 2 - NFS lab]] on your home VMs<br />
<br />
==Investigation 1: VMs Configuration==<br />
=== Background ===<br />
Make sure you have ssh access to your assigned VMs from matrix.senecacollege.ca using the port numbers, user name, and the corresponding password given on Blackboard via the router ops535.myvmlab.senecacollege.ca. The access router (ops535.myvmlab.senecacollege) maps the ports (9xxy) to the corresponding internal IP addresses (172.20.xx.y) of your VMs. Note that 'xx' is your assigned network number, and 'y' is the VM number. The following are the port mappings and the network configuration you should have on each VM. The values shown in the table are for the student with network number '14':<br />
<br />
{| class="wikitable" style="margin-left:50px; border: 2px solid black;"<br />
|- style="font-weight:bold; text-align:center;"<br />
| style="border: 2px solid black;" | VM<br />
| style="border: 2px solid black;" | Port<br />
| style="border: 2px solid black;" | ens192 ip<br />
| style="border: 2px solid black;" | ens224 ip<br />
| style="border: 2px solid black;" | ens256 ip<br />
| style="border: 2px solid black;" | hostname<br />
|-<br />
| style="background-color:#ffff00; border: 2px solid black;" | VM y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 9xxy<br />
| style="background-color:#ffff00; border: 2px solid black;" | 172.20.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 192.168.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM 1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9141<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | do-not-use<br />
| style="background-color:#66cccc; border: 2px solid black;" | router<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM 2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9142<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | pri-dns<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM 3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9143<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | none<br />
| style="background-color:#66cccc; border: 2px solid black;" | co-nfs<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM 4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9144<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | rns-ldap<br />
|}<br />
<br />
=== Task 1 : setup and configure VM1 ===<br />
* ssh to your VM1 from matrix<br />
<pre><br />
ssh -p 9141 student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on the network device 'ens192'.<br />
* run the 'nmtui' command under sudo and configure the network device '''ens224''' with the appropriate IP address (192.168.xx.1) as shown.<br />
* run the 'nmtui' command to set the hostname<br />
* install the 'epel-release' package<br />
* install the 'ansible' package<br />
* install the 'git' package<br />
* install the 'wget' package<br />
* run the command to update all the packages installed on the system<br />
<br />
=== Task 2: setup and configure VM2 - VM4 ===<br />
* ssh from matrix to your VM2 - VM4, replace [2-4] with 2, 3, or 4:<br />
<pre><br />
ssh -p 914[2-4] student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on the network device 'ens192'<br />
* run the 'nmtui' command under sudo and configure the network device '''ens224''' with the appropriate IP address as shown in the table above.<br />
* run the 'nmtui' command to set the hostname<br />
<br />
==Investigation 2: Control Workstation Configuration==<br />
===Background===<br />
You will configure VM1 as the control workstation for performing remote administration tasks on your VM2 - VM4. The preferred method is to configure your control workstation to use ssh key-based authentication when connecting to your VM2 - VM4 remotely. If you are planning to use ansible to perform remote configuration, you need to set up the inventory file for ansible.<br />
<br />
=== Task 1 : Configure ssh key-based authentication on VM1 ===<br />
* login to your VM 1 as 'student'.<br />
* add the following IP address to hostname/FQDN mapping to the /etc/hosts file:<br />
<pre><br />
192.168.xx.1 router router.<your dns domain><br />
192.168.xx.2 pri-dns pri-dns.<your dns domain><br />
192.168.xx.3 co-nfs co-nfs.<your dns domain><br />
192.168.xx.4 rns-ldap rns-ldap.<your dns domain><br />
</pre><br />
* run the 'ssh-keygen' to generate the public-private key pair for key-based authentication<br />
* run the following commands to copy the public key to VM2 - VM4.<br />
:* for VM2<br />
<pre><br />
ssh-copy-id -i ~/.ssh/id_rsa.pub student@pri-dns<br />
</pre><br />
:* for VM3<br />
<pre><br />
ssh-copy-id -i ~/.ssh/id_rsa.pub student@co-nfs<br />
</pre><br />
:* for VM4<br />
<pre><br />
ssh-copy-id -i ~/.ssh/id_rsa.pub student@rns-ldap<br />
</pre><br />
* verify and confirm that you can ssh to your VM2, VM3, and VM4 as 'student' without using a password.<br />
<br />
=== Task 2: Configure ansible's inventory file ===<br />
* login to your VM1 (router) as 'student'<br />
* Using the following as a template, add your VM2 to VM4 information to the end of /etc/ansible/hosts:<br />
<pre><br />
[your dns domain]<br />
pri-dns.<your dns domain> ansible_host=192.168.xx.2<br />
co-nfs.<your dns domain> ansible_host=192.168.xx.3<br />
rns-ldap.<your dns domain> ansible_host=192.168.xx.4<br />
</pre><br />
* The following is an example for student with domain name stud14.ops and network number 14:<br />
<pre><br />
[stud14.ops]<br />
pri-dns.stud14.ops ansible_host=192.168.14.2<br />
co-nfs.stud14.ops ansible_host=192.168.14.3<br />
rns-ldap.stud14.ops ansible_host=192.168.14.4<br />
</pre><br />
* create the directory ops535 and the lab subdirectories shown below under user student's home directory in VM1<br />
<pre><br />
student<br />
└── ops535<br />
    ├── a1<br />
    ├── lab2<br />
    ├── lab3<br />
    └── lab4<br />
</pre><br />
* change the working directory to ~student/ops535/lab2, and run the following commands to gather useful variables about remote hosts that can be used in ansible playbooks:<br />
:* for remote host: vm2<br />
<pre><br />
ansible pri-dns.<your dns domain> -m setup > pri-dns-setup.txt<br />
</pre><br />
:* for remote host: vm3<br />
<pre><br />
ansible co-nfs.<your dns domain> -m setup > co-nfs-setup.txt<br />
</pre><br />
:* for remote host: vm4<br />
<pre><br />
ansible rns-ldap.<your dns domain> -m setup > rns-ldap-setup.txt<br />
</pre><br />
<br />
==Investigation 3: Scripts for remote administrations==<br />
=== Task 1 ===<br />
Based on [[OPS535-lab-nfs|Lab 2 - NFS lab]], write a bash script named "lab2-nfs-setup.bash" to perform the following tasks on VM3 (co-nfs):<br />
* move the network interface ens224 from firewalld's public zone to internal zone<br />
* install the nfs-utils rpm package if it has not already been installed<br />
* create an nfs share directory named '/nfs-pub' with mode '1777'<br />
* update the /etc/exports as required in [[OPS535-lab-nfs|Lab 2 - NFS lab]]<br />
* enable the nfs-server service if it has not already been enabled<br />
* start the nfs-server service if it has not already been started<br />
* update firewalld's internal zone to allow nfs service<br />
* update firewalld's internal zone to allow nfs3 server service<br />
* update firewalld's internal zone to allow rpc-bind service<br />
* save the script to ~student/lab2/scripts/lab2-nfs-setup.bash<br />
<br />
=== Task 2 ===<br />
Create an ansible playbook named "config-nfs.yml" to perform the same tasks as mentioned in task 1.<br />
* save the ansible playbook to ~student/lab2/playbook/config-nfs.yml<br />
* Run the playbook and capture the output to a file named lab2_inv3_task2.txt in the directory ~student/lab2/log/<br />
<br />
==Completing the Lab==<br />
Follow the instructions on blackboard to submit the lab by the due date.</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=OPS535-vl-lab-nfs&diff=155034OPS535-vl-lab-nfs2021-05-31T12:07:40Z<p>Rchan: /* Task 1 */</p>
<hr />
<div>[[Category: OPS535]][[Category: OPS535-Labs]][[Category: rchan]]<br />
=OPS535 Lab 2 (using Virtual Lab)=<br />
== Objectives ==<br />
* Setup and configure private network for your assigned VMs in the OPS535 Virtual Lab for this lab, future labs, and assignments<br />
* Configure VM1 as your control workstation for performing remote administration tasks on VM[2-4]<br />
* Create and deploy remote administration scripts using bash/ansible<br />
<br />
==Pre-Requisites==<br />
:*Has access to Seneca VPN, and matrix.senecacollege.ca<br />
:*Complete the collection of baseline information on your assigned VMs (VM1, VM2, VM3, and VM4)<br />
:*Complete the [[OPS535-lab-nfs | Lab 2 - NFS lab]] on your home VMs<br />
<br />
==Investigation 1: VMs Configuration==<br />
=== Background ===<br />
Make sure you have ssh access to your assigned VMs from matrix.senecacollege.ca using the port numbers, user name, and the corresponding password given on Blackboard via the router ops535.myvmlab.senecacollege.ca. The access router (ops535.myvmlab.senecacollege) maps the ports (9xxy) to the corresponding internal IP addresses (172.20.xx.y) of your VMs. Note that 'xx' is your assigned network number, and 'y' is the VM number. The following are the port mappings and the network configuration you should have on each VM. The values shown in the table are for the student with network number '14':<br />
<br />
{| class="wikitable" style="margin-left:50px; border: 2px solid black;"<br />
|- style="font-weight:bold; text-align:center;"<br />
| style="border: 2px solid black;" | VM<br />
| style="border: 2px solid black;" | Port<br />
| style="border: 2px solid black;" | ens192 ip<br />
| style="border: 2px solid black;" | ens224 ip<br />
| style="border: 2px solid black;" | ens256 ip<br />
| style="border: 2px solid black;" | hostname<br />
|-<br />
| style="background-color:#ffff00; border: 2px solid black;" | VM y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 9xxy<br />
| style="background-color:#ffff00; border: 2px solid black;" | 172.20.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 192.168.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM 1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9141<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | do-not-use<br />
| style="background-color:#66cccc; border: 2px solid black;" | router<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM 2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9142<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | pri-dns<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM 3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9143<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | none<br />
| style="background-color:#66cccc; border: 2px solid black;" | co-nfs<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM 4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9144<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | rns-ldap<br />
|}<br />
<br />
=== Task 1 : setup and configure VM1 ===<br />
* ssh to your VM1 from matrix<br />
<pre><br />
ssh -p 9141 student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on the network device 'ens192'.<br />
* run the 'nmtui' command under sudo and configure the network device '''ens224''' with the appropriate IP address (192.168.xx.1) as shown.<br />
* run the 'nmtui' command to set the hostname<br />
* install the 'epel-release' package<br />
* install the 'ansible' package<br />
* install the 'git' package<br />
* install the 'wget' package<br />
* run the command to update all the packages installed on the system<br />
<br />
=== Task 2: setup and configure VM2 - VM4 ===<br />
* ssh from matrix to your VM2 - VM4, replace [2-4] with 2, 3, or 4:<br />
<pre><br />
ssh -p 914[2-4] student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on the network device 'ens192'<br />
* run the 'nmtui' command under sudo and configure the network device '''ens224''' with the appropriate IP address as shown in the table above.<br />
* run the 'nmtui' command to set the hostname<br />
<br />
==Investigation 2: Control Workstation Configuration==<br />
===Background===<br />
You will configure VM1 as the control workstation for performing remote administration tasks on your VM2 - VM4. The preferred method is to configure your control workstation to use ssh key-based authentication when connecting to your VM2 - VM4 remotely. If you are planning to use ansible to perform remote configuration, you need to set up the inventory file for ansible.<br />
<br />
=== Task 1 : Configure ssh key-based authentication on VM1 ===<br />
* login to your VM 1 as 'student'.<br />
* add the following IP address to hostname/FQDN mapping to the /etc/hosts file:<br />
<pre><br />
192.168.xx.1 router router.<your dns domain><br />
192.168.xx.2 pri-dns pri-dns.<your dns domain><br />
192.168.xx.3 co-nfs co-nfs.<your dns domain><br />
192.168.xx.4 rns-ldap rns-ldap.<your dns domain><br />
</pre><br />
* run the 'ssh-keygen' to generate the public-private key pair for key-based authentication<br />
* run the following commands to copy the public key to VM2 - VM4.<br />
:* for VM2<br />
<pre><br />
ssh-copy-id -i ~/.ssh/id_rsa.pub student@pri-dns<br />
</pre><br />
:* for VM3<br />
<pre><br />
ssh-copy-id -i ~/.ssh/id_rsa.pub student@co-nfs<br />
</pre><br />
:* for VM4<br />
<pre><br />
ssh-copy-id -i ~/.ssh/id_rsa.pub student@rns-ldap<br />
</pre><br />
* verify and confirm that you can ssh to your VM2, VM3, and VM4 as 'student' without using a password.<br />
<br />
=== Task 2: Configure ansible's inventory file ===<br />
* login to your VM1 (router) as 'student'<br />
* Using the following as a template, add your VM2 to VM4 information to the end of /etc/ansible/hosts:<br />
<pre><br />
[your dns domain]<br />
pri-dns.<your dns domain> ansible_host=192.168.xx.2<br />
co-nfs.<your dns domain> ansible_host=192.168.xx.3<br />
rns-ldap.<your dns domain> ansible_host=192.168.xx.4<br />
</pre><br />
* The following is an example for student with domain name stud14.ops and network number 14:<br />
<pre><br />
[stud14.ops]<br />
pri-dns.stud14.ops ansible_host=192.168.14.2<br />
co-nfs.stud14.ops ansible_host=192.168.14.3<br />
rns-ldap.stud14.ops ansible_host=192.168.14.4<br />
</pre><br />
* create the directory ops535 and the lab subdirectories shown below under user student's home directory in VM1<br />
<pre><br />
student<br />
└── ops535<br />
    ├── a1<br />
    ├── lab2<br />
    ├── lab3<br />
    └── lab4<br />
</pre><br />
* change the working directory to ~student/ops535/lab2, and run the following commands to gather useful variables about remote hosts that can be used in ansible playbooks:<br />
:* for remote host: vm2<br />
<pre><br />
ansible pri-dns.<your dns domain> -m setup > pri-dns-setup.txt<br />
</pre><br />
:* for remote host: vm3<br />
<pre><br />
ansible co-nfs.<your dns domain> -m setup > co-nfs-setup.txt<br />
</pre><br />
:* for remote host: vm4<br />
<pre><br />
ansible rns-ldap.<your dns domain> -m setup > rns-ldap-setup.txt<br />
</pre><br />
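The /etc/hosts block from Task 1 and the inventory group from Task 2 follow mechanically from the network number and DNS domain, and the key-based login can be checked without an interactive prompt. The script below is an added example, not part of the original lab; its function names are hypothetical, while the host names, addresses and the 'student' account are the lab's own.

```bash
#!/usr/bin/env bash
# Added example, not part of the original lab. Function names are
# hypothetical; host numbers and names come from the lab's VM table.

# VM number -> short hostname, one pair per line.
lab_hosts() {
  printf '%s\n' '1 router' '2 pri-dns' '3 co-nfs' '4 rns-ldap'
}

# Accept only an IPv4 octet (0-255, no leading zero) and a plain DNS name,
# because both values end up in /etc/hosts and /etc/ansible/hosts.
valid_args() {
  case "$1" in ''|*[!0-9]*|0?*) return 1 ;; esac
  case "$2" in ''|*[!A-Za-z0-9.-]*) return 1 ;; esac
  [ "$1" -le 255 ]
}

# Print the /etc/hosts block for all four VMs.
gen_etc_hosts() {
  valid_args "$1" "$2" || return 1
  lab_hosts | while read -r n name; do
    printf '192.168.%s.%s %s %s.%s\n' "$1" "$n" "$name" "$name" "$2"
  done
}

# Print the ansible inventory group; VM1 is the control workstation itself,
# so only VM2 - VM4 are listed.
gen_inventory() {
  valid_args "$1" "$2" || return 1
  printf '[%s]\n' "$2"
  lab_hosts | while read -r n name; do
    [ "$n" -eq 1 ] && continue
    printf '%s.%s ansible_host=192.168.%s.%s\n' "$name" "$2" "$1" "$n"
  done
}

# Succeeds only if public-key login works. BatchMode stops ssh from
# prompting, and PasswordAuthentication=no rules out a password fallback.
check_key_login() {
  ssh -o BatchMode=yes -o PasswordAuthentication=no -o ConnectTimeout=5 \
      "student@$1" true
}

# Check VM2 - VM4 and report each result; non-zero if any host fails.
verify_all() {
  rc=0
  for h in pri-dns co-nfs rns-ldap; do
    if check_key_login "$h.$1"; then echo "OK   $h.$1"
    else echo "FAIL $h.$1"; rc=1; fi
  done
  return "$rc"
}

# Usage: lab-control.sh <network number> <dns domain> [verify]
if [ "$#" -ge 2 ]; then
  gen_etc_hosts "$1" "$2" && gen_inventory "$1" "$2" || exit 1
  if [ "${3:-}" = verify ]; then verify_all "$2"; fi
fi
```

Run with the third argument `verify` (the script file name is an assumption), it prints both blocks and then one OK or FAIL line per VM.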
<br />
==Investigation 3: Scripts for remote administrations==<br />
=== Task 1 ===<br />
Based on [[OPS535-lab-nfs|Lab 2 - NFS lab]], write a bash script named "lab2-nfs-setup.bash" to perform the following tasks on VM3 (co-nfs)<br />
* move the network interface ens224 from firewalld's public zone to internal zone<br />
* install the nfs-utils rpm package if it has not already been installed<br />
* create an nfs share directory named '/nfs-pub' with mode '1777'<br />
* update the /etc/exports as required in [[OPS535-lab-nfs|Lab 2 - NFS lab]]<br />
* enable nfs-server service if it has not already been enabled<br />
* start nfs-server service if it has not already been started<br />
* update firewalld's internal zone to allow nfs service<br />
* update firewalld's internal zone to allow nfs3 server service<br />
* update firewalld's internal zone to allow rpc-bind service<br />
* save the script to ~student/lab2/scripts/lab2-nfs-setup.bash<br />
<br />
=== Task 2 ===<br />
Create an ansible playbook to perform the same tasks as mentioned in task 1.<br />
* Run the playbook and capture the output to a file named lab2_inv3_task2.txt<br />
<br />
==Completing the Lab==<br />
Follow the instructions on blackboard to submit the lab by the due date.</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=OPS535-vl-lab-nfs&diff=155033OPS535-vl-lab-nfs2021-05-31T12:04:06Z<p>Rchan: /* Task 2: Configure ansible's inventory file */</p>
<hr />
<div>[[Category: OPS535]][[Category: OPS535-Labs]][[Category: rchan]]<br />
=OPS535 Lab 2 (using Virtual Lab)=<br />
== Objectives ==<br />
* Setup and configure private network for your assigned VMs in the OPS535 Virtual Lab for this lab, future labs, and assignments<br />
* Configure VM1 as your control workstation for performing remote administration tasks on VM[2-4]<br />
* Create and deploy remote administration scripts using bash/ansible<br />
<br />
==Pre-Requisites==<br />
:*Have access to Seneca VPN, and matrix.senecacollege.ca<br />
:*Complete the collection of baseline information on your assigned VMs (VM1, VM2, VM3, and VM4)<br />
:*Complete the [[OPS535-lab-nfs | Lab 2 - NFS lab]] on your home VMs<br />
<br />
==Investigation 1: VMs Configuration==<br />
=== Background ===<br />
Make sure you have ssh access to your assigned VMs from matrix.senecacollege.ca using the port numbers, user name, and the corresponding password given on Blackboard via the router ops535.myvmlab.senecacollege.ca. The access router (ops535.myvmlab.senecacollege) maps the ports (9xxy) to the corresponding internal IP addresses (172.20.xx.y) of your VMs. Note that 'xx' is your assigned network number, and 'y' is the VM number. The following are the port mappings and the network configuration you should have on each VM. The values shown in the table are for the student with network number '14':<br />
<br />
{| class="wikitable" style="margin-left:50px; border: 2px solid black;"<br />
|- style="font-weight:bold; text-align:center;"<br />
| style="border: 2px solid black;" | VM<br />
| style="border: 2px solid black;" | Port<br />
| style="border: 2px solid black;" | ens192 ip<br />
| style="border: 2px solid black;" | ens224 ip<br />
| style="border: 2px solid black;" | ens256 ip<br />
| style="border: 2px solid black;" | hostname<br />
|-<br />
| style="background-color:#ffff00; border: 2px solid black;" | VM y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 9xxy<br />
| style="background-color:#ffff00; border: 2px solid black;" | 172.20.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 192.168.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM 1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9141<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | do-not-use<br />
| style="background-color:#66cccc; border: 2px solid black;" | router<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM 2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9142<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | pri-dns<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM 3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9143<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | none<br />
| style="background-color:#66cccc; border: 2px solid black;" | co-nfs<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM 4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9144<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | rns-ldap<br />
|}<br />
<br />
=== Task 1 : setup and configure VM1 ===<br />
* ssh to your VM1 from matrix<br />
<pre><br />
ssh -p 9141 student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on the network device 'ens192'.<br />
* run the 'nmtui' command under sudo and configure the network device '''ens224''' with the appropriate IP address (192.168.xx.1) as shown.<br />
* run the 'nmtui' command to set the hostname<br />
* install the 'epel-release' package<br />
* install the 'ansible' package<br />
* install the 'git' package<br />
* install the 'wget' package<br />
* run the command to update all the packages installed on the system<br />
<br />
=== Task 2: setup and configure VM2 - VM4 ===<br />
* ssh from matrix to your VM2 - VM4, replace [2-4] with 2, 3, or 4:<br />
<pre><br />
ssh -p 914[2-4] student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on the network device 'ens192'<br />
* run the 'nmtui' command under sudo and configure the network device '''ens224''' with the appropriate IP address as shown in the table above.<br />
* run the 'nmtui' command to set the hostname<br />
<br />
==Investigation 2: Control Workstation Configuration==<br />
===Background===<br />
You will configure VM1 as the control workstation for performing remote administration tasks on your VM2 - VM4. The preferred method is to configure your control workstation to use ssh key-based authentication when connecting to your VM2 - VM4 remotely. If you are planning to use ansible to perform remote configuration, you need to set up the inventory file for ansible.<br />
<br />
=== Task 1 : Configure ssh key-based authentication on VM1 ===<br />
* login to your VM 1 as 'student'.<br />
* add the following IP address to hostname/FQDN mapping to the /etc/hosts file:<br />
<pre><br />
192.168.xx.1 router router.<your dns domain><br />
192.168.xx.2 pri-dns pri-dns.<your dns domain><br />
192.168.xx.3 co-nfs co-nfs.<your dns domain><br />
192.168.xx.4 rns-ldap rns-ldap.<your dns domain><br />
</pre><br />
* run the 'ssh-keygen' command to generate the public-private key pair for key-based authentication<br />
* run the following commands to copy the public key to VM2 - VM4.<br />
:* for VM2<br />
<pre><br />
ssh-copy-id -i ~/.ssh/id_rsa.pub student@pri-dns<br />
</pre><br />
:* for VM3<br />
<pre><br />
ssh-copy-id -i ~/.ssh/id_rsa.pub student@co-nfs<br />
</pre><br />
:* for VM4<br />
<pre><br />
ssh-copy-id -i ~/.ssh/id_rsa.pub student@rns-ldap<br />
</pre><br />
* verify and confirm that you can ssh to your VM2, VM3, and VM4 as 'student' without using a password.<br />
<br />
=== Task 2: Configure ansible's inventory file ===<br />
* login to your VM1 (router) as 'student'<br />
* Using the following as a template, add your VM2 - VM4 information to the end of /etc/ansible/hosts:<br />
<pre><br />
[your dns domain]<br />
pri-dns.<your dns domain> ansible_host=192.168.xx.2<br />
co-nfs.<your dns domain> ansible_host=192.168.xx.3<br />
rns-ldap.<your dns domain> ansible_host=192.168.xx.4<br />
</pre><br />
* The following is an example for student with domain name stud14.ops and network number 14:<br />
<pre><br />
[stud14.ops]<br />
pri-dns.stud14.ops ansible_host=192.168.14.2<br />
co-nfs.stud14.ops ansible_host=192.168.14.3<br />
rns-ldap.stud14.ops ansible_host=192.168.14.4<br />
</pre><br />
* create the directory ops535 and labs subdirectory under user student's home directory in VM1<br />
<pre><br />
student<br />
└── ops535<br />
    ├── a1<br />
    ├── lab2<br />
    ├── lab3<br />
    └── lab4<br />
</pre><br />
* change the working directory to ~student/ops535/lab2, and run the following commands to gather useful variables about remote hosts that can be used in ansible playbooks:<br />
:* for remote host: vm2<br />
<pre><br />
ansible pri-dns.<your dns domain> -m setup > pri-dns-setup.txt<br />
</pre><br />
:* for remote host: vm3<br />
<pre><br />
ansible co-nfs.<your dns domain> -m setup > co-nfs-setup.txt<br />
</pre><br />
:* for remote host: vm4<br />
<pre><br />
ansible rns-ldap.<your dns domain> -m setup > rns-ldap-setup.txt<br />
</pre><br />
<br />
==Investigation 3: Scripts for remote administrations==<br />
=== Task 1 ===<br />
Based on [[OPS535-lab-nfs|Lab 2 - NFS lab]], write a bash script to perform the following tasks on VM3 (co-nfs)<br />
* move the network interface ens224 from firewalld's public zone to internal zone<br />
* install the nfs-utils rpm package if it has not already been installed<br />
* create an nfs share directory with mode '1777'<br />
* update the /etc/exports as required in [[OPS535-lab-nfs|Lab 2 - NFS lab]]<br />
* enable nfs-server service if it has not already been enabled<br />
* start nfs-server service if it has not already been started<br />
* update firewalld's internal zone to allow nfs service<br />
* update firewalld's internal zone to allow nfs3 server service<br />
* update firewalld's internal zone to allow rpc-bind service<br />
<br />
=== Task 2 ===<br />
Create an ansible playbook to perform the same tasks as mentioned in task 1.<br />
* Run the playbook and capture the output to a file named lab2_inv3_task2.txt<br />
<br />
==Completing the Lab==<br />
Follow the instructions on blackboard to submit the lab by the due date.</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=OPS535-online-lab-ldap&diff=155032OPS535-online-lab-ldap2021-05-31T03:54:40Z<p>Rchan: </p>
<hr />
<div>[[Category:OPS535]][[Category:rchan]]<br />
=There are two stages for you to complete this lab=<br />
* First do it on your home system with VMware VM: [[OPS535-lab-ldap]]<br />
* Next, do it on your assigned VMs in OPS535 Virtual Lab: [[OPS535-vl-lab-ldap]]<br />
= References =<br />
* [https://www.mankier.com/package/authselect authselect package]<br />
* [http://httpd.apache.org/docs/2.4/ssl/ssl_faq.html Create server key and certificate tutorial (Apache Doc)]</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=OPS535-online-lab-nfs&diff=155031OPS535-online-lab-nfs2021-05-31T03:51:57Z<p>Rchan: </p>
<hr />
<div>[[Category:OPS535]][[Category:rchan]]<br />
There are two stages for you to complete this lab:<br />
* First do it on your home system with VMware VM by following the instruction in: [[OPS535-lab-nfs]]<br />
* Next do it on your assigned VMs in OPS535 Virtual Lab by following the instruction in: [[OPS535-vl-lab-nfs]]</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=OPS535-vl-lab-nfs&diff=155030OPS535-vl-lab-nfs2021-05-31T03:23:58Z<p>Rchan: </p>
<hr />
<div>[[Category: OPS535]][[Category: OPS535-Labs]][[Category: rchan]]<br />
=OPS535 Lab 2 (using Virtual Lab)=<br />
== Objectives ==<br />
* Setup and configure private network for your assigned VMs in the OPS535 Virtual Lab for this lab, future labs, and assignments<br />
* Configure VM1 as your control workstation for performing remote administration tasks on VM[2-4]<br />
* Create and deploy remote administration scripts using bash/ansible<br />
<br />
==Pre-Requisites==<br />
:*Have access to Seneca VPN, and matrix.senecacollege.ca<br />
:*Complete the collection of baseline information on your assigned VMs (VM1, VM2, VM3, and VM4)<br />
:*Complete the [[OPS535-lab-nfs | Lab 2 - NFS lab]] on your home VMs<br />
<br />
==Investigation 1: VMs Configuration==<br />
=== Background ===<br />
Make sure you have ssh access to your assigned VMs from matrix.senecacollege.ca using the port numbers, user name, and the corresponding password given on Blackboard via the router ops535.myvmlab.senecacollege.ca. The access router (ops535.myvmlab.senecacollege) maps the ports (9xxy) to the corresponding internal IP addresses (172.20.xx.y) of your VMs. Note that 'xx' is your assigned network number, and 'y' is the VM number. The following are the port mappings and the network configuration you should have on each VM. The values shown in the table are for the student with network number '14':<br />
<br />
{| class="wikitable" style="margin-left:50px; border: 2px solid black;"<br />
|- style="font-weight:bold; text-align:center;"<br />
| style="border: 2px solid black;" | VM<br />
| style="border: 2px solid black;" | Port<br />
| style="border: 2px solid black;" | ens192 ip<br />
| style="border: 2px solid black;" | ens224 ip<br />
| style="border: 2px solid black;" | ens256 ip<br />
| style="border: 2px solid black;" | hostname<br />
|-<br />
| style="background-color:#ffff00; border: 2px solid black;" | VM y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 9xxy<br />
| style="background-color:#ffff00; border: 2px solid black;" | 172.20.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 192.168.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM 1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9141<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | do-not-use<br />
| style="background-color:#66cccc; border: 2px solid black;" | router<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM 2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9142<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | pri-dns<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM 3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9143<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | none<br />
| style="background-color:#66cccc; border: 2px solid black;" | co-nfs<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM 4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9144<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | rns-ldap<br />
|}<br />
<br />
=== Task 1 : setup and configure VM1 ===<br />
* ssh to your VM1 from matrix<br />
<pre><br />
ssh -p 9141 student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on the network device 'ens192'.<br />
* run the 'nmtui' command under sudo and configure the network device '''ens224''' with the appropriate IP address (192.168.xx.1) as shown.<br />
* run the 'nmtui' command to set the hostname<br />
* install the 'epel-release' package<br />
* install the 'ansible' package<br />
* install the 'git' package<br />
* install the 'wget' package<br />
* run the command to update all the packages installed on the system<br />
<br />
=== Task 2: setup and configure VM2 - VM4 ===<br />
* ssh from matrix to your VM2 - VM4, replace [2-4] with 2, 3, or 4:<br />
<pre><br />
ssh -p 914[2-4] student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on the network device 'ens192'<br />
* run the 'nmtui' command under sudo and configure the network device '''ens224''' with the appropriate IP address as shown in the table above.<br />
* run the 'nmtui' command to set the hostname<br />
<br />
==Investigation 2: Control Workstation Configuration==<br />
===Background===<br />
You will configure VM1 as the control workstation for performing remote administration tasks on your VM2 - VM4. The preferred method is to configure your control workstation to use ssh key-based authentication when connecting to your VM2 - VM4 remotely. If you are planning to use ansible to perform remote configuration, you need to set up the inventory file for ansible.<br />
<br />
=== Task 1 : Configure ssh key-based authentication on VM1 ===<br />
* login to your VM 1 as 'student'.<br />
* add the following IP address to hostname/FQDN mapping to the /etc/hosts file:<br />
<pre><br />
192.168.xx.1 router router.<your dns domain><br />
192.168.xx.2 pri-dns pri-dns.<your dns domain><br />
192.168.xx.3 co-nfs co-nfs.<your dns domain><br />
192.168.xx.4 rns-ldap rns-ldap.<your dns domain><br />
</pre><br />
* run the 'ssh-keygen' command to generate the public-private key pair for key-based authentication<br />
* run the following commands to copy the public key to VM2 - VM4.<br />
:* for VM2<br />
<pre><br />
ssh-copy-id -i ~/.ssh/id_rsa.pub student@pri-dns<br />
</pre><br />
:* for VM3<br />
<pre><br />
ssh-copy-id -i ~/.ssh/id_rsa.pub student@co-nfs<br />
</pre><br />
:* for VM4<br />
<pre><br />
ssh-copy-id -i ~/.ssh/id_rsa.pub student@rns-ldap<br />
</pre><br />
* verify and confirm that you can ssh to your VM2, VM3, and VM4 as 'student' without using a password.<br />
<br />
=== Task 2: Configure ansible's inventory file ===<br />
* login to your VM1 (router) as 'student'<br />
* Using the following as a template, add your VM2 - VM4 information to the end of /etc/ansible/hosts:<br />
<pre><br />
[your dns domain]<br />
pri-dns.<your dns domain> ansible_host=192.168.xx.2<br />
co-nfs.<your dns domain> ansible_host=192.168.xx.3<br />
rns-ldap.<your dns domain> ansible_host=192.168.xx.4<br />
</pre><br />
* The following is an example for student with domain name stud14.ops and network number 14:<br />
<pre><br />
[stud14.ops]<br />
pri-dns.stud14.ops ansible_host=192.168.14.2<br />
co-nfs.stud14.ops ansible_host=192.168.14.3<br />
rns-ldap.stud14.ops ansible_host=192.168.14.4<br />
</pre><br />
* run the following commands to gather useful variables about remote hosts that can be used in ansible playbooks:<br />
:* for remote host: vm2<br />
<pre><br />
ansible pri-dns.<your dns domain> -m setup > pri-dns-setup.txt<br />
</pre><br />
:* for remote host: vm3<br />
<pre><br />
ansible co-nfs.<your dns domain> -m setup > co-nfs-setup.txt<br />
</pre><br />
:* for remote host: vm4<br />
<pre><br />
ansible rns-ldap.<your dns domain> -m setup > rns-ldap-setup.txt<br />
</pre><br />
<br />
==Investigation 3: Scripts for remote administrations==<br />
=== Task 1 ===<br />
Based on [[OPS535-lab-nfs|Lab 2 - NFS lab]], write a bash script to perform the following tasks on VM3 (co-nfs)<br />
* move the network interface ens224 from firewalld's public zone to internal zone<br />
* install the nfs-utils rpm package if it has not already been installed<br />
* create an nfs share directory with mode '1777'<br />
* update the /etc/exports as required in [[OPS535-lab-nfs|Lab 2 - NFS lab]]<br />
* enable nfs-server service if it has not already been enabled<br />
* start nfs-server service if it has not already been started<br />
* update firewalld's internal zone to allow nfs service<br />
* update firewalld's internal zone to allow nfs3 server service<br />
* update firewalld's internal zone to allow rpc-bind service<br />
<br />
=== Task 2 ===<br />
Create an ansible playbook to perform the same tasks as mentioned in task 1.<br />
* Run the playbook and capture the output to a file named lab2_inv3_task2.txt<br />
<br />
==Completing the Lab==<br />
Follow the instructions on blackboard to submit the lab by the due date.</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=OPS535-vl-lab-nfs&diff=155029OPS535-vl-lab-nfs2021-05-31T03:22:54Z<p>Rchan: /* Investigation 3: Scripts for remote administrations */</p>
<hr />
<div>'''DO NOT USE - Work in Progress'''<br />
<font color='red'>DO NOT USE - Work in Progress</font><br />
[[Category: OPS535]][[Category: OPS535-Labs]][[Category: rchan]]<br />
=OPS535 Lab 2 (using Virtual Lab)=<br />
== Objectives ==<br />
* Setup and configure private network for your assigned VMs in the OPS535 Virtual Lab for this lab, future labs, and assignments<br />
* Configure VM1 as your control workstation for performing remote administration tasks on VM[2-4]<br />
* Create and deploy remote administration scripts using bash/ansible<br />
<br />
==Pre-Requisites==<br />
:*Have access to Seneca VPN, and matrix.senecacollege.ca<br />
:*Complete the collection of baseline information on your assigned VMs (VM1, VM2, VM3, and VM4)<br />
:*Complete the [[OPS535-lab-nfs | Lab 2 - NFS lab]] on your home VMs<br />
<br />
==Investigation 1: VMs Configuration==<br />
=== Background ===<br />
Make sure you have ssh access to your assigned VMs from matrix.senecacollege.ca using the port numbers, user name, and the corresponding password given on Blackboard via the router ops535.myvmlab.senecacollege.ca. The access router (ops535.myvmlab.senecacollege) maps the ports (9xxy) to the corresponding internal IP addresses (172.20.xx.y) of your VMs. Note that 'xx' is your assigned network number, and 'y' is the VM number. The following are the port mappings and the network configuration you should have on each VM. The values shown in the table are for the student with network number '14':<br />
<br />
{| class="wikitable" style="margin-left:50px; border: 2px solid black;"<br />
|- style="font-weight:bold; text-align:center;"<br />
| style="border: 2px solid black;" | VM<br />
| style="border: 2px solid black;" | Port<br />
| style="border: 2px solid black;" | ens192 ip<br />
| style="border: 2px solid black;" | ens224 ip<br />
| style="border: 2px solid black;" | ens256 ip<br />
| style="border: 2px solid black;" | hostname<br />
|-<br />
| style="background-color:#ffff00; border: 2px solid black;" | VM y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 9xxy<br />
| style="background-color:#ffff00; border: 2px solid black;" | 172.20.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 192.168.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM 1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9141<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | do-not-use<br />
| style="background-color:#66cccc; border: 2px solid black;" | router<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM 2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9142<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | pri-dns<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM 3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9143<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | none<br />
| style="background-color:#66cccc; border: 2px solid black;" | co-nfs<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM 4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9144<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | rns-ldap<br />
|}<br />
<br />
=== Task 1 : setup and configure VM1 ===<br />
* ssh to your VM1 from matrix<br />
<pre><br />
ssh -p 9141 student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on the network device 'ens192'.<br />
* run the 'nmtui' command under sudo and configure the network device '''ens224''' with the appropriate IP address (192.168.xx.1) as shown.<br />
* run the 'nmtui' command to set the hostname<br />
* install the 'epel-release' package<br />
* install the 'ansible' package<br />
* install the 'git' package<br />
* install the 'wget' package<br />
* run the command to update all the packages installed on the system<br />
<br />
=== Task 2: setup and configure VM2 - VM4 ===<br />
* ssh from matrix to your VM2 - VM4, replace [2-4] with 2, 3, or 4:<br />
<pre><br />
ssh -p 914[2-4] student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on the network device 'ens192'<br />
* run the 'nmtui' command under sudo and configure the network device '''ens224''' with the appropriate IP address as shown in the table above.<br />
* run the 'nmtui' command to set the hostname<br />
<br />
==Investigation 2: Control Workstation Configuration==<br />
===Background===<br />
You will configure VM1 as the control workstation for performing remote administration tasks on your VM2 - VM4. The preferred method is to configure your control workstation to use ssh key-based authentication when connecting to your VM2 - VM4 remotely. If you are planning to use ansible to perform remote configuration, you need to set up the inventory file for ansible.<br />
<br />
=== Task 1 : Configure ssh key-based authentication on VM1 ===<br />
* login to your VM 1 as 'student'.<br />
* add the following IP address to hostname/FQDN mapping to the /etc/hosts file:<br />
<pre><br />
192.168.xx.1 router router.<your dns domain><br />
192.168.xx.2 pri-dns pri-dns.<your dns domain><br />
192.168.xx.3 co-nfs co-nfs.<your dns domain><br />
192.168.xx.4 rns-ldap rns-ldap.<your dns domain><br />
</pre><br />
* run the 'ssh-keygen' command to generate the public-private key pair for key-based authentication<br />
* run the following commands to copy the public key to VM2 - VM4.<br />
:* for VM2<br />
<pre><br />
ssh-copy-id -i ~/.ssh/id_rsa.pub student@pri-dns<br />
</pre><br />
:* for VM3<br />
<pre><br />
ssh-copy-id -i ~/.ssh/id_rsa.pub student@co-nfs<br />
</pre><br />
:* for VM4<br />
<pre><br />
ssh-copy-id -i ~/.ssh/id_rsa.pub student@rns-ldap<br />
</pre><br />
* verify and confirm that you can ssh to your VM2, VM3, and VM4 as 'student' without using a password.<br />
<br />
=== Task 2: Configure ansible's inventory file ===<br />
* login to your VM1 (router) as 'student'<br />
* Using the following as a template, add your VM2 - VM4 information to the end of /etc/ansible/hosts:<br />
<pre><br />
[your dns domain]<br />
pri-dns.<your dns domain> ansible_host=192.168.xx.2<br />
co-nfs.<your dns domain> ansible_host=192.168.xx.3<br />
rns-ldap.<your dns domain> ansible_host=192.168.xx.4<br />
</pre><br />
* The following is an example for student with domain name stud14.ops and network number 14:<br />
<pre><br />
[stud14.ops]<br />
pri-dns.stud14.ops ansible_host=192.168.14.2<br />
co-nfs.stud14.ops ansible_host=192.168.14.3<br />
rns-ldap.stud14.ops ansible_host=192.168.14.4<br />
</pre><br />
* run the following commands to gather useful variables about remote hosts that can be used in ansible playbooks:<br />
:* for remote host: vm2<br />
<pre><br />
ansible pri-dns.<your dns domain> -m setup > pri-dns-setup.txt<br />
</pre><br />
:* for remote host: vm3<br />
<pre><br />
ansible co-nfs.<your dns domain> -m setup > co-nfs-setup.txt<br />
</pre><br />
:* for remote host: vm4<br />
<pre><br />
ansible rns-ldap.<your dns domain> -m setup > rns-ldap-setup.txt<br />
</pre><br />
<br />
==Investigation 3: Scripts for remote administrations==<br />
=== Task 1 ===<br />
Based on [[OPS535-lab-nfs|Lab 2 - NFS lab]], write a bash script to perform the following tasks on VM3 (co-nfs)<br />
* move the network interface ens224 from firewalld's public zone to internal zone<br />
* install the nfs-utils rpm package if it has not already been installed<br />
* create an nfs share directory with mode '1777'<br />
* update the /etc/exports as required in [[OPS535-lab-nfs|Lab 2 - NFS lab]]<br />
* enable nfs-server service if it has not already been enabled<br />
* start nfs-server service if it has not already been started<br />
* update firewalld's internal zone to allow nfs service<br />
* update firewalld's internal zone to allow nfs3 server service<br />
* update firewalld's internal zone to allow rpc-bind service<br />
<br />
=== Task 2 ===<br />
Create an ansible playbook to perform the same tasks as mentioned in task 1.<br />
* Run the playbook and capture the output to a file named lab2_inv3_task2.txt<br />
<br />
==Completing the Lab==<br />
<br />
<br />
Follow the instructions on blackboard to submit the lab.<br />
<br />
==Exploration Questions==</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=OPS535-vl-lab-nfs&diff=155028OPS535-vl-lab-nfs2021-05-31T03:11:28Z<p>Rchan: /* Task 2: Configure ansible's inventory file */</p>
<hr />
<div>'''DO NOT USE - Work in Progress'''<br />
<font color='red'>DO NOT USE - Work in Progress</font><br />
[[Category: OPS535]][[Category: OPS535-Labs]][[Category: rchan]]<br />
=OPS535 Lab 2 (using Virtual Lab)=<br />
== Objectives ==<br />
* Setup and configure private network for your assigned VMs in the OPS535 Virtual Lab for this lab, future labs, and assignments<br />
* Configure VM1 as your control workstation for performing remote administration tasks on VM[2-4]<br />
* Create and deploy remote administration scripts using bash/ansible<br />
<br />
==Pre-Requisites==<br />
:*Has access to Seneca VPN, and matrix.senecacollege.ca<br />
:*Complete the collection of baseline information on your assigned VMs (VM1, VM2, VM3, and VM4)<br />
:*Complete the [[OPS535-lab-nfs | Lab 2 - NFS lab]] on your home VMs<br />
<br />
==Investigation 1: VMs Configuration==<br />
=== Background ===<br />
Make sure you have ssh access to your assigned VMs from matrix.senecacollege.ca using the port numbers, user name, and the corresponding password given on Blackboard via the router ops535.myvmlab.senecacollege.ca. The access router (ops535.myvmlab.senecacollege.ca) maps the ports (9xxy) to the corresponding internal IP addresses (172.20.xx.y) of your VMs. Note that 'xx' is your assigned network number, and 'y' is the VM number. The following are the port mappings and the network configuration you should have on each VM. The values shown in the table are for the student with network number '14':<br />
<br />
{| class="wikitable" style="margin-left:50px; border: 2px solid black;"<br />
|- style="font-weight:bold; text-align:center;"<br />
| style="border: 2px solid black;" | VM<br />
| style="border: 2px solid black;" | Port<br />
| style="border: 2px solid black;" | ens192 ip<br />
| style="border: 2px solid black;" | ens224 ip<br />
| style="border: 2px solid black;" | ens256 ip<br />
| style="border: 2px solid black;" | hostname<br />
|-<br />
| style="background-color:#ffff00; border: 2px solid black;" | VM y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 9xxy<br />
| style="background-color:#ffff00; border: 2px solid black;" | 172.20.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 192.168.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM 1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9141<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | do-not-use<br />
| style="background-color:#66cccc; border: 2px solid black;" | router<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM 2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9142<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | pri-dns<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM 3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9143<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | none<br />
| style="background-color:#66cccc; border: 2px solid black;" | co-nfs<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM 4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9144<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | rns-ldap<br />
|}<br />
<br />
=== Task 1 : setup and configure VM1 ===<br />
* ssh to your VM1 from matrix<br />
<pre><br />
ssh -p 9141 student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on the network device 'ens192'.<br />
* run the 'nmtui' command under sudo and configure the network device '''ens224''' with the appropriate IP address (192.168.xx.1) as shown.<br />
* run the 'nmtui' command to set the hostname<br />
* install the 'epel-release' package<br />
* install the 'ansible' package<br />
* install the 'git' package<br />
* install the 'wget' package<br />
* run the command to update all the packages installed on the system<br />
<br />
=== Task 2: setup and configure VM2 - VM4 ===<br />
* ssh from matrix to your VM2 - VM4, replace [2-4] with 2, 3, or 4:<br />
<pre><br />
ssh -p 914[2-4] student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on the network device 'ens192'<br />
* run the 'nmtui' command under sudo and configure the network device '''ens224''' with the appropriate IP address as shown in the table above.<br />
* run the 'nmtui' command to set the hostname<br />
<br />
==Investigation 2: Control Workstation Configuration==<br />
===Background===<br />
You will configure VM1 as the control workstation for performing remote administration tasks on your VM2 - VM4. The preferred method is to configure your control workstation to use ssh key-based authentication when connecting to your VM2 - VM4 remotely. If you are planning to use ansible to perform remote configuration, you need to set up the inventory file for ansible.<br />
<br />
=== Task 1 : Configure ssh key-based authentication on VM1 ===<br />
* login to your VM 1 as 'student'.<br />
* add the following IP address to hostname/FQDN mapping to the /etc/hosts file:<br />
<pre><br />
192.168.xx.1 router router.<your dns domain><br />
192.168.xx.2 pri-dns pri-dns.<your dns domain><br />
192.168.xx.3 co-nfs co-nfs.<your dns domain><br />
192.168.xx.4 rns-ldap rns-ldap.<your dns domain><br />
</pre><br />
* run the 'ssh-keygen' command to generate the public-private key pair for key-based authentication<br />
* run the following commands to copy the public key to VM2 - VM4.<br />
:* for VM2<br />
<pre><br />
ssh-copy-id -i ~/.ssh/id_rsa.pub student@pri-dns<br />
</pre><br />
:* for VM3<br />
<pre><br />
ssh-copy-id -i ~/.ssh/id_rsa.pub student@co-nfs<br />
</pre><br />
:* for VM4<br />
<pre><br />
ssh-copy-id -i ~/.ssh/id_rsa.pub student@rns-ldap<br />
</pre><br />
* verify and confirm that you can ssh to your VM2, VM3, and VM4 as 'student' without using a password.<br />
<br />
=== Task 2: Configure ansible's inventory file ===<br />
* login to your VM1 (router) as 'student'<br />
* Using the following as a template, add your VM2 to VM4 information to the end of /etc/ansible/hosts:<br />
<pre><br />
[your dns domain]<br />
pri-dns.<your dns domain> ansible_host=192.168.xx.2<br />
co-nfs.<your dns domain> ansible_host=192.168.xx.3<br />
rns-ldap.<your dns domain> ansible_host=192.168.xx.4<br />
</pre><br />
* The following is an example for a student with domain name stud14.ops and network number 14:<br />
<pre><br />
[stud14.ops]<br />
pri-dns.stud14.ops ansible_host=192.168.14.2<br />
co-nfs.stud14.ops ansible_host=192.168.14.3<br />
rns-ldap.stud14.ops ansible_host=192.168.14.4<br />
</pre><br />
* run the following commands to gather useful variables about remote hosts that can be used in ansible playbooks:<br />
:* for remote host: vm2<br />
<pre><br />
ansible pri-dns.<your dns domain> -m setup > pri-dns-setup.txt<br />
</pre><br />
:* for remote host: vm3<br />
<pre><br />
ansible co-nfs.<your dns domain> -m setup > co-nfs-setup.txt<br />
</pre><br />
:* for remote host: vm4<br />
<pre><br />
ansible rns-ldap.<your dns domain> -m setup > rns-ldap-setup.txt<br />
</pre><br />
<br />
==Investigation 3: Scripts for remote administrations==<br />
=== Task 1 ===<br />
Using bash scripts<br />
=== Task 2 ===<br />
Using Ansible Playbooks<br />
<br />
<br />
==Completing the Lab==<br />
<br />
<br />
Follow the instructions on Blackboard to submit the lab.<br />
<br />
==Exploration Questions==</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=OPS535-vl-lab-nfs&diff=155027OPS535-vl-lab-nfs2021-05-31T02:59:25Z<p>Rchan: /* Task 2: Configure ansible's inventory file */</p>
<hr />
<div>'''DO NOT USE - Work in Progress'''<br />
<font color='red'>DO NOT USE - Work in Progress</font><br />
[[Category: OPS535]][[Category: OPS535-Labs]][[Category: rchan]]<br />
=OPS535 Lab 2 (using Virtual Lab)=<br />
== Objectives ==<br />
* Setup and configure private network for your assigned VMs in the OPS535 Virtual Lab for this lab, future labs, and assignments<br />
* Configure VM1 as your control workstation for performing remote administration tasks on VM[2-4]<br />
* Create and deploy remote administration scripts using bash/ansible<br />
<br />
==Pre-Requisites==<br />
:*Has access to Seneca VPN, and matrix.senecacollege.ca<br />
:*Complete the collection of baseline information on your assigned VMs (VM1, VM2, VM3, and VM4)<br />
:*Complete the [[OPS535-lab-nfs | Lab 2 - NFS lab]] on your home VMs<br />
<br />
==Investigation 1: VMs Configuration==<br />
=== Background ===<br />
Make sure you have ssh access to your assigned VMs from matrix.senecacollege.ca using the port numbers, user name, and the corresponding password given on Blackboard via the router ops535.myvmlab.senecacollege.ca. The access router (ops535.myvmlab.senecacollege.ca) maps the ports (9xxy) to the corresponding internal IP addresses (172.20.xx.y) of your VMs. Note that 'xx' is your assigned network number, and 'y' is the VM number. The following are the port mappings and the network configuration you should have on each VM. The values shown in the table are for the student with network number '14':<br />
<br />
{| class="wikitable" style="margin-left:50px; border: 2px solid black;"<br />
|- style="font-weight:bold; text-align:center;"<br />
| style="border: 2px solid black;" | VM<br />
| style="border: 2px solid black;" | Port<br />
| style="border: 2px solid black;" | ens192 ip<br />
| style="border: 2px solid black;" | ens224 ip<br />
| style="border: 2px solid black;" | ens256 ip<br />
| style="border: 2px solid black;" | hostname<br />
|-<br />
| style="background-color:#ffff00; border: 2px solid black;" | VM y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 9xxy<br />
| style="background-color:#ffff00; border: 2px solid black;" | 172.20.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 192.168.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM 1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9141<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | do-not-use<br />
| style="background-color:#66cccc; border: 2px solid black;" | router<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM 2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9142<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | pri-dns<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM 3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9143<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | none<br />
| style="background-color:#66cccc; border: 2px solid black;" | co-nfs<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM 4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9144<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | rns-ldap<br />
|}<br />
<br />
=== Task 1 : setup and configure VM1 ===<br />
* ssh to your VM1 from matrix<br />
<pre><br />
ssh -p 9141 student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on the network device 'ens192'.<br />
* run the 'nmtui' command under sudo and configure the network device '''ens224''' with the appropriate IP address (192.168.xx.1) as shown.<br />
* run the 'nmtui' command to set the hostname<br />
* install the 'epel-release' package<br />
* install the 'ansible' package<br />
* install the 'git' package<br />
* install the 'wget' package<br />
* run the command to update all the packages installed on the system<br />
<br />
=== Task 2: setup and configure VM2 - VM4 ===<br />
* ssh from matrix to your VM2 - VM4, replace [2-4] with 2, 3, or 4:<br />
<pre><br />
ssh -p 914[2-4] student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on the network device 'ens192'<br />
* run the 'nmtui' command under sudo and configure the network device '''ens224''' with the appropriate IP address as shown in the table above.<br />
* run the 'nmtui' command to set the hostname<br />
<br />
==Investigation 2: Control Workstation Configuration==<br />
===Background===<br />
You will configure VM1 as the control workstation for performing remote administration tasks on your VM2 - VM4. The preferred method is to configure your control workstation to use ssh key-based authentication when connecting to your VM2 - VM4 remotely. If you are planning to use ansible to perform remote configuration, you need to set up the inventory file for ansible.<br />
<br />
=== Task 1 : Configure ssh key-based authentication on VM1 ===<br />
* login to your VM 1 as 'student'.<br />
* add the following IP address to hostname/FQDN mapping to the /etc/hosts file:<br />
<pre><br />
192.168.xx.1 router router.<your dns domain><br />
192.168.xx.2 pri-dns pri-dns.<your dns domain><br />
192.168.xx.3 co-nfs co-nfs.<your dns domain><br />
192.168.xx.4 rns-ldap rns-ldap.<your dns domain><br />
</pre><br />
* run the 'ssh-keygen' command to generate the public-private key pair for key-based authentication<br />
* run the following commands to copy the public key to VM2 - VM4.<br />
:* for VM2<br />
<pre><br />
ssh-copy-id -i ~/.ssh/id_rsa.pub student@pri-dns<br />
</pre><br />
:* for VM3<br />
<pre><br />
ssh-copy-id -i ~/.ssh/id_rsa.pub student@co-nfs<br />
</pre><br />
:* for VM4<br />
<pre><br />
ssh-copy-id -i ~/.ssh/id_rsa.pub student@rns-ldap<br />
</pre><br />
* verify and confirm that you can ssh to your VM2, VM3, and VM4 as 'student' without using a password.<br />
<br />
=== Task 2: Configure ansible's inventory file ===<br />
* login to your VM1 (router) as 'student'<br />
* Using the following as a template, add your VM2 to VM4 information to the end of /etc/ansible/hosts:<br />
<pre><br />
[your dns domain]<br />
pri-dns.<your dns domain> ansible_host=192.168.xx.2<br />
co-nfs.<your dns domain> ansible_host=192.168.xx.3<br />
rns-ldap.<your dns domain> ansible_host=192.168.xx.4<br />
</pre><br />
* The following is an example for a student with domain name stud14.ops and network number 14:<br />
<pre><br />
[stud14.ops]<br />
pri-dns.stud14.ops ansible_host=192.168.14.2<br />
co-nfs.stud14.ops ansible_host=192.168.14.3<br />
rns-ldap.stud14.ops ansible_host=192.168.14.4<br />
</pre><br />
<br />
==Investigation 3: Scripts for remote administrations==<br />
=== Task 1 ===<br />
Using bash scripts<br />
=== Task 2 ===<br />
Using Ansible Playbooks<br />
<br />
<br />
==Completing the Lab==<br />
<br />
<br />
Follow the instructions on Blackboard to submit the lab.<br />
<br />
==Exploration Questions==</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=OPS535-vl-lab-nfs&diff=155026OPS535-vl-lab-nfs2021-05-31T02:55:43Z<p>Rchan: /* Investigation 2: Control Workstation Configuration */</p>
<hr />
<div>'''DO NOT USE - Work in Progress'''<br />
<font color='red'>DO NOT USE - Work in Progress</font><br />
[[Category: OPS535]][[Category: OPS535-Labs]][[Category: rchan]]<br />
=OPS535 Lab 2 (using Virtual Lab)=<br />
== Objectives ==<br />
* Setup and configure private network for your assigned VMs in the OPS535 Virtual Lab for this lab, future labs, and assignments<br />
* Configure VM1 as your control workstation for performing remote administration tasks on VM[2-4]<br />
* Create and deploy remote administration scripts using bash/ansible<br />
<br />
==Pre-Requisites==<br />
:*Has access to Seneca VPN, and matrix.senecacollege.ca<br />
:*Complete the collection of baseline information on your assigned VMs (VM1, VM2, VM3, and VM4)<br />
:*Complete the [[OPS535-lab-nfs | Lab 2 - NFS lab]] on your home VMs<br />
<br />
==Investigation 1: VMs Configuration==<br />
=== Background ===<br />
Make sure you have ssh access to your assigned VMs from matrix.senecacollege.ca using the port numbers, user name, and the corresponding password given on Blackboard via the router ops535.myvmlab.senecacollege.ca. The access router (ops535.myvmlab.senecacollege.ca) maps the ports (9xxy) to the corresponding internal IP addresses (172.20.xx.y) of your VMs. Note that 'xx' is your assigned network number, and 'y' is the VM number. The following are the port mappings and the network configuration you should have on each VM. The values shown in the table are for the student with network number '14':<br />
<br />
{| class="wikitable" style="margin-left:50px; border: 2px solid black;"<br />
|- style="font-weight:bold; text-align:center;"<br />
| style="border: 2px solid black;" | VM<br />
| style="border: 2px solid black;" | Port<br />
| style="border: 2px solid black;" | ens192 ip<br />
| style="border: 2px solid black;" | ens224 ip<br />
| style="border: 2px solid black;" | ens256 ip<br />
| style="border: 2px solid black;" | hostname<br />
|-<br />
| style="background-color:#ffff00; border: 2px solid black;" | VM y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 9xxy<br />
| style="background-color:#ffff00; border: 2px solid black;" | 172.20.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 192.168.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM 1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9141<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | do-not-use<br />
| style="background-color:#66cccc; border: 2px solid black;" | router<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM 2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9142<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | pri-dns<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM 3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9143<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | none<br />
| style="background-color:#66cccc; border: 2px solid black;" | co-nfs<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM 4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9144<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | rns-ldap<br />
|}<br />
<br />
=== Task 1 : setup and configure VM1 ===<br />
* ssh to your VM1 from matrix<br />
<pre><br />
ssh -p 9141 student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on the network device 'ens192'.<br />
* run the 'nmtui' command under sudo and configure the network device '''ens224''' with the appropriate IP address (192.168.xx.1) as shown.<br />
* run the 'nmtui' command to set the hostname<br />
* install the 'epel-release' package<br />
* install the 'ansible' package<br />
* install the 'git' package<br />
* install the 'wget' package<br />
* run the command to update all the packages installed on the system<br />
<br />
=== Task 2: setup and configure VM2 - VM4 ===<br />
* ssh from matrix to your VM2 - VM4, replace [2-4] with 2, 3, or 4:<br />
<pre><br />
ssh -p 914[2-4] student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on the network device 'ens192'<br />
* run the 'nmtui' command under sudo and configure the network device '''ens224''' with the appropriate IP address as shown in the table above.<br />
* run the 'nmtui' command to set the hostname<br />
<br />
==Investigation 2: Control Workstation Configuration==<br />
===Background===<br />
You will configure VM1 as the control workstation for performing remote administration tasks on your VM2 - VM4. The preferred method is to configure your control workstation to use ssh key-based authentication when connecting to your VM2 - VM4 remotely. If you are planning to use ansible to perform remote configuration, you need to set up the inventory file for ansible.<br />
<br />
=== Task 1 : Configure ssh key-based authentication on VM1 ===<br />
* login to your VM 1 as 'student'.<br />
* add the following IP address to hostname/FQDN mapping to the /etc/hosts file:<br />
<pre><br />
192.168.xx.1 router router.<your dns domain><br />
192.168.xx.2 pri-dns pri-dns.<your dns domain><br />
192.168.xx.3 co-nfs co-nfs.<your dns domain><br />
192.168.xx.4 rns-ldap rns-ldap.<your dns domain><br />
</pre><br />
* run the 'ssh-keygen' command to generate the public-private key pair for key-based authentication<br />
* run the following commands to copy the public key to VM2 - VM4.<br />
:* for VM2<br />
<pre><br />
ssh-copy-id -i ~/.ssh/id_rsa.pub student@pri-dns<br />
</pre><br />
:* for VM3<br />
<pre><br />
ssh-copy-id -i ~/.ssh/id_rsa.pub student@co-nfs<br />
</pre><br />
:* for VM4<br />
<pre><br />
ssh-copy-id -i ~/.ssh/id_rsa.pub student@rns-ldap<br />
</pre><br />
* verify and confirm that you can ssh to your VM2, VM3, and VM4 as 'student' without using a password.<br />
<br />
=== Task 2: Configure ansible's inventory file ===<br />
* login to your VM1 (router) as 'student'<br />
* Add the following information to the end of /etc/ansible/hosts:<br />
<pre><br />
[your dns domain]<br />
pri-dns.<your dns domain> ansible_host=192.168.xx.2<br />
co-nfs.<your dns domain> ansible_host=192.168.xx.3<br />
rns-ldap.<your dns domain> ansible_host=192.168.xx.4<br />
</pre><br />
<br />
==Investigation 3: Scripts for remote administrations==<br />
=== Task 1 ===<br />
Using bash scripts<br />
=== Task 2 ===<br />
Using Ansible Playbooks<br />
<br />
<br />
==Completing the Lab==<br />
<br />
<br />
Follow the instructions on Blackboard to submit the lab.<br />
<br />
==Exploration Questions==</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=OPS535-vl-lab-nfs&diff=155025OPS535-vl-lab-nfs2021-05-31T02:18:16Z<p>Rchan: /* Investigation 1: VMs Configuration */</p>
<hr />
<div>'''DO NOT USE - Work in Progress'''<br />
<font color='red'>DO NOT USE - Work in Progress</font><br />
[[Category: OPS535]][[Category: OPS535-Labs]][[Category: rchan]]<br />
=OPS535 Lab 2 (using Virtual Lab)=<br />
== Objectives ==<br />
* Setup and configure private network for your assigned VMs in the OPS535 Virtual Lab for this lab, future labs, and assignments<br />
* Configure VM1 as your control workstation for performing remote administration tasks on VM[2-4]<br />
* Create and deploy remote administration scripts using bash/ansible<br />
<br />
==Pre-Requisites==<br />
:*Has access to Seneca VPN, and matrix.senecacollege.ca<br />
:*Complete the collection of baseline information on your assigned VMs (VM1, VM2, VM3, and VM4)<br />
:*Complete the [[OPS535-lab-nfs | Lab 2 - NFS lab]] on your home VMs<br />
<br />
==Investigation 1: VMs Configuration==<br />
=== Background ===<br />
Make sure you have ssh access to your assigned VMs from matrix.senecacollege.ca using the port numbers, user name, and the corresponding password given on Blackboard via the router ops535.myvmlab.senecacollege.ca. The access router (ops535.myvmlab.senecacollege.ca) maps the ports (9xxy) to the corresponding internal IP addresses (172.20.xx.y) of your VMs. Note that 'xx' is your assigned network number, and 'y' is the VM number. The following are the port mappings and the network configuration you should have on each VM. The values shown in the table are for the student with network number '14':<br />
<br />
{| class="wikitable" style="margin-left:50px; border: 2px solid black;"<br />
|- style="font-weight:bold; text-align:center;"<br />
| style="border: 2px solid black;" | VM<br />
| style="border: 2px solid black;" | Port<br />
| style="border: 2px solid black;" | ens192 ip<br />
| style="border: 2px solid black;" | ens224 ip<br />
| style="border: 2px solid black;" | ens256 ip<br />
| style="border: 2px solid black;" | hostname<br />
|-<br />
| style="background-color:#ffff00; border: 2px solid black;" | VM y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 9xxy<br />
| style="background-color:#ffff00; border: 2px solid black;" | 172.20.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 192.168.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM 1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9141<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | do-not-use<br />
| style="background-color:#66cccc; border: 2px solid black;" | router<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM 2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9142<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | pri-dns<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM 3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9143<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | none<br />
| style="background-color:#66cccc; border: 2px solid black;" | co-nfs<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM 4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9144<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | rns-ldap<br />
|}<br />
<br />
=== Task 1 : setup and configure VM1 ===<br />
* ssh to your VM1 from matrix<br />
<pre><br />
ssh -p 9141 student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on the network device 'ens192'.<br />
* run the 'nmtui' command under sudo and configure the network device '''ens224''' with the appropriate IP address (192.168.xx.1) as shown.<br />
* run the 'nmtui' command to set the hostname<br />
* install the 'epel-release' package<br />
* install the 'ansible' package<br />
* install the 'git' package<br />
* install the 'wget' package<br />
* run the command to update all the packages installed on the system<br />
<br />
=== Task 2: setup and configure VM2 - VM4 ===<br />
* ssh from matrix to your VM2 - VM4, replace [2-4] with 2, 3, or 4:<br />
<pre><br />
ssh -p 914[2-4] student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on the network device 'ens192'<br />
* run the 'nmtui' command under sudo and configure the network device '''ens224''' with the appropriate IP address as shown in the table above.<br />
* run the 'nmtui' command to set the hostname<br />
<br />
==Investigation 2: Control Workstation Configuration==<br />
Perform the following steps on VM1 as root:<br />
<br />
==Investigation 3: Scripts for remote administrations==<br />
=== Task 1 ===<br />
Using bash scripts<br />
=== Task 2 ===<br />
Using Ansible Playbooks<br />
<br />
<br />
==Completing the Lab==<br />
<br />
<br />
Follow the instructions on Blackboard to submit the lab.<br />
<br />
==Exploration Questions==</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=OPS535-vl-lab-nfs&diff=155024OPS535-vl-lab-nfs2021-05-31T02:13:49Z<p>Rchan: /* Background */</p>
<hr />
<div>'''DO NOT USE - Work in Progress'''<br />
<font color='red'>DO NOT USE - Work in Progress</font><br />
[[Category: OPS535]][[Category: OPS535-Labs]][[Category: rchan]]<br />
=OPS535 Lab 2 (using Virtual Lab)=<br />
== Objectives ==<br />
* Setup and configure private network for your assigned VMs in the OPS535 Virtual Lab for this lab, future labs, and assignments<br />
* Configure VM1 as your control workstation for performing remote administration tasks on VM[2-4]<br />
* Create and deploy remote administration scripts using bash/ansible<br />
<br />
==Pre-Requisites==<br />
:*Has access to Seneca VPN, and matrix.senecacollege.ca<br />
:*Complete the collection of baseline information on your assigned VMs (VM1, VM2, VM3, and VM4)<br />
:*Complete the [[OPS535-lab-nfs | Lab 2 - NFS lab]] on your home VMs<br />
<br />
==Investigation 1: VMs Configuration==<br />
=== Background ===<br />
Make sure you have ssh access to your assigned VMs from matrix.senecacollege.ca using the port numbers, user name, and the corresponding password given on Blackboard via the router ops535.myvmlab.senecacollege.ca. The access router (ops535.myvmlab.senecacollege.ca) maps the ports (9xxy) to the corresponding internal IP addresses (172.20.xx.y) of your VMs. Note that 'xx' is your assigned network number, and 'y' is the VM number. The following are the port mappings and the network configuration you should have on each VM. The values shown in the table are for the student with network number '14':<br />
<br />
{| class="wikitable" style="margin-left:50px; border: 2px solid black;"<br />
|- style="font-weight:bold; text-align:center;"<br />
| style="border: 2px solid black;" | VM<br />
| style="border: 2px solid black;" | Port<br />
| style="border: 2px solid black;" | ens192 ip<br />
| style="border: 2px solid black;" | ens224 ip<br />
| style="border: 2px solid black;" | ens256 ip<br />
| style="border: 2px solid black;" | hostname<br />
|-<br />
| style="background-color:#ffff00; border: 2px solid black;" | VM y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 9xxy<br />
| style="background-color:#ffff00; border: 2px solid black;" | 172.20.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 192.168.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM 1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9141<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | do-not-use<br />
| style="background-color:#66cccc; border: 2px solid black;" | router<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM 2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9142<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | pri-dns<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM 3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9143<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | none<br />
| style="background-color:#66cccc; border: 2px solid black;" | co-nfs<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM 4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9144<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | rns-ldap<br />
|}<br />
<br />
=== Task 1 : setup and configure VM1 ===<br />
* ssh to your VM1 from matrix<br />
<pre><br />
ssh -p 9141 student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on the network dev 'ens192'.<br />
* run the 'nmtui' command under sudo and configure '''ens224''' with the appropriate IP address (192.168.xx.1) as shown.<br />
* install the 'epel-release' package<br />
* install the 'ansible' package<br />
* install the 'git' package<br />
* install the 'wget' package<br />
<br />
=== Task 2: setup and configure VM2 - VM4 ===<br />
* ssh from matrix to your VM2 - VM4, replace [2-4] with 2, 3, or 4:<br />
<pre><br />
ssh -p 914[2-4] student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on 'ens192'<br />
<br />
==Investigation 2: Control Workstation Configuration==<br />
Perform the following steps on VM1 as root:<br />
<br />
==Investigation 3: Scripts for remote administrations==<br />
=== Task 1 ===<br />
Using bash scripts<br />
=== Task 2 ===<br />
Using Ansible Playbooks<br />
<br />
<br />
==Completing the Lab==<br />
<br />
<br />
Follow the instructions on Blackboard to submit the lab.<br />
<br />
==Exploration Questions==</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=OPS535-vl-lab-nfs&diff=155023OPS535-vl-lab-nfs2021-05-31T00:43:27Z<p>Rchan: /* Task 2: setup and configure VM2 - VM4 */</p>
<hr />
<div>'''DO NOT USE - Work in Progress'''<br />
<font color='red'>DO NOT USE - Work in Progress</font><br />
[[Category: OPS535]][[Category: OPS535-Labs]][[Category: rchan]]<br />
=OPS535 Lab 2 (using Virtual Lab)=<br />
== Objectives ==<br />
* Set up and configure a private network for your assigned VMs in the OPS535 Virtual Lab for this lab, future labs, and assignments<br />
* Configure VM1 as your control workstation for performing remote administration tasks on VM[2-4]<br />
* Create and deploy remote administration scripts using bash/ansible<br />
<br />
==Pre-Requisites==<br />
:*Have access to the Seneca VPN and matrix.senecacollege.ca<br />
:*Complete the collection of baseline information on your assigned VMs (VM1, VM2, VM3, and VM4)<br />
:*Complete the [[OPS535-lab-nfs | Lab 2 - NFS lab]] on your home VMs<br />
<br />
==Investigation 1: VMs Configuration==<br />
=== Background ===<br />
You have ssh access to your assigned VMs from matrix.senecacollege.ca through the router ops535.myvmlab.senecacollege.ca, using the port numbers, user name, and corresponding password given on Blackboard. The access router will map the ports (9xxy) to the corresponding internal IP addresses (172.20.xx.y) of your VMs, where 'xx' is your assigned network number and 'y' is the VM number. The following table shows the port mapping and the network interfaces on each VM for the student with network number '14':<br />
<br />
{| class="wikitable" style="margin-left:50px; border: 2px solid black;"<br />
|- style="font-weight:bold; text-align:center;"<br />
| style="border: 2px solid black;" | VM<br />
| style="border: 2px solid black;" | Port<br />
| style="border: 2px solid black;" | ens192 ip<br />
| style="border: 2px solid black;" | ens224 ip<br />
| style="border: 2px solid black;" | ens256 ip<br />
| style="border: 2px solid black;" | hostname<br />
|-<br />
| style="background-color:#ffff00; border: 2px solid black;" | VM y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 9xxy<br />
| style="background-color:#ffff00; border: 2px solid black;" | 172.20.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 192.168.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM 1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9141<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | do-not-use<br />
| style="background-color:#66cccc; border: 2px solid black;" | router<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM 2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9142<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | pri-dns<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM 3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9143<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | none<br />
| style="background-color:#66cccc; border: 2px solid black;" | co-nfs<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM 4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9144<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | rns-ldap<br />
|}<br />
<br />
=== Task 1 : setup and configure VM1 ===<br />
* ssh to your VM1 from matrix<br />
<pre><br />
ssh -p 9141 student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on the network dev 'ens192'.<br />
* run the 'nmtui' command under sudo and configure '''ens224''' with the appropriate IP address (192.168.xx.1) as shown.<br />
* install the 'epel-release' package<br />
* install the 'ansible' package<br />
* install the 'git' package<br />
* install the 'wget' package<br />
<br />
=== Task 2: setup and configure VM2 - VM4 ===<br />
* ssh from matrix to your VM2 - VM4, replace [2-4] with 2, 3, or 4:<br />
<pre><br />
ssh -p 914[2-4] student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on 'ens192'<br />
<br />
==Investigation 2: Control Workstation Configuration==<br />
Perform the following steps on VM1 as root:<br />
<br />
==Investigation 3: Scripts for remote administrations==<br />
=== Task 1 ===<br />
Using bash scripts<br />
=== Task 2 ===<br />
Using Ansible Playbooks<br />
<br />
<br />
==Completing the Lab==<br />
<br />
<br />
Follow the instructions on Blackboard to submit the lab.<br />
<br />
==Exploration Questions==</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=OPS535-vl-lab-nfs&diff=155022OPS535-vl-lab-nfs2021-05-31T00:41:29Z<p>Rchan: /* Background */</p>
<hr />
<div>'''DO NOT USE - Work in Progress'''<br />
<font color='red'>DO NOT USE - Work in Progress</font><br />
[[Category: OPS535]][[Category: OPS535-Labs]][[Category: rchan]]<br />
=OPS535 Lab 2 (using Virtual Lab)=<br />
== Objectives ==<br />
* Set up and configure a private network for your assigned VMs in the OPS535 Virtual Lab for this lab, future labs, and assignments<br />
* Configure VM1 as your control workstation for performing remote administration tasks on VM[2-4]<br />
* Create and deploy remote administration scripts using bash/ansible<br />
<br />
==Pre-Requisites==<br />
:*Have access to the Seneca VPN and matrix.senecacollege.ca<br />
:*Complete the collection of baseline information on your assigned VMs (VM1, VM2, VM3, and VM4)<br />
:*Complete the [[OPS535-lab-nfs | Lab 2 - NFS lab]] on your home VMs<br />
<br />
==Investigation 1: VMs Configuration==<br />
=== Background ===<br />
You have ssh access to your assigned VMs from matrix.senecacollege.ca through the router ops535.myvmlab.senecacollege.ca, using the port numbers, user name, and corresponding password given on Blackboard. The access router will map the ports (9xxy) to the corresponding internal IP addresses (172.20.xx.y) of your VMs, where 'xx' is your assigned network number and 'y' is the VM number. The following table shows the port mapping and the network interfaces on each VM for the student with network number '14':<br />
<br />
{| class="wikitable" style="margin-left:50px; border: 2px solid black;"<br />
|- style="font-weight:bold; text-align:center;"<br />
| style="border: 2px solid black;" | VM<br />
| style="border: 2px solid black;" | Port<br />
| style="border: 2px solid black;" | ens192 ip<br />
| style="border: 2px solid black;" | ens224 ip<br />
| style="border: 2px solid black;" | ens256 ip<br />
| style="border: 2px solid black;" | hostname<br />
|-<br />
| style="background-color:#ffff00; border: 2px solid black;" | VM y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 9xxy<br />
| style="background-color:#ffff00; border: 2px solid black;" | 172.20.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 192.168.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM 1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9141<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | do-not-use<br />
| style="background-color:#66cccc; border: 2px solid black;" | router<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM 2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9142<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | pri-dns<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM 3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9143<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | none<br />
| style="background-color:#66cccc; border: 2px solid black;" | co-nfs<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM 4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9144<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | rns-ldap<br />
|}<br />
<br />
=== Task 1 : setup and configure VM1 ===<br />
* ssh to your VM1 from matrix<br />
<pre><br />
ssh -p 9141 student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on the network dev 'ens192'.<br />
* run the 'nmtui' command under sudo and configure '''ens224''' with the appropriate IP address (192.168.xx.1) as shown.<br />
* install the 'epel-release' package<br />
* install the 'ansible' package<br />
* install the 'git' package<br />
* install the 'wget' package<br />
<br />
=== Task 2: setup and configure VM2 - VM4 ===<br />
* you can either ssh to your VM2 - VM4 from matrix or from your VM1.<br />
:* ssh to your VM2 - VM4 from matrix, replace [2-4] with 2, 3, or 4:<br />
<pre><br />
ssh -p 914[2-4] student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
:* ssh to your VM2 - VM4 from your VM1<br />
<pre><br />
ssh 172.20.14.[2-4]<br />
</pre><br />
<br />
==Investigation 2: Control Workstation Configuration==<br />
Perform the following steps on VM1 as root:<br />
<br />
==Investigation 3: Scripts for remote administrations==<br />
=== Task 1 ===<br />
Using bash scripts<br />
=== Task 2 ===<br />
Using Ansible Playbooks<br />
<br />
<br />
==Completing the Lab==<br />
<br />
<br />
Follow the instructions on Blackboard to submit the lab.<br />
<br />
==Exploration Questions==</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=OPS535-vl-lab-nfs&diff=155021OPS535-vl-lab-nfs2021-05-31T00:34:54Z<p>Rchan: /* Background */</p>
<hr />
<div>'''DO NOT USE - Work in Progress'''<br />
<font color='red'>DO NOT USE - Work in Progress</font><br />
[[Category: OPS535]][[Category: OPS535-Labs]][[Category: rchan]]<br />
=OPS535 Lab 2 (using Virtual Lab)=<br />
== Objectives ==<br />
* Set up and configure a private network for your assigned VMs in the OPS535 Virtual Lab for this lab, future labs, and assignments<br />
* Configure VM1 as your control workstation for performing remote administration tasks on VM[2-4]<br />
* Create and deploy remote administration scripts using bash/ansible<br />
<br />
==Pre-Requisites==<br />
:*Have access to the Seneca VPN and matrix.senecacollege.ca<br />
:*Complete the collection of baseline information on your assigned VMs (VM1, VM2, VM3, and VM4)<br />
:*Complete the [[OPS535-lab-nfs | Lab 2 - NFS lab]] on your home VMs<br />
<br />
==Investigation 1: VMs Configuration==<br />
=== Background ===<br />
You have ssh access to your assigned VMs from matrix.senecacollege.ca through the router ops535.myvmlab.senecacollege.ca, using the port numbers, user name, and corresponding password given on Blackboard. The access router will map the ports (9xxy) to the corresponding internal IP addresses (172.20.xx.y) of your VMs, where 'xx' is your assigned network number and 'y' is the VM number. The following table shows the port mapping and the network interfaces on each VM:<br />
<br />
{| class="wikitable" style="margin-left:50px; border: 2px solid black;"<br />
|- style="font-weight:bold; text-align:center;"<br />
| style="border: 2px solid black;" | VM<br />
| style="border: 2px solid black;" | Port<br />
| style="border: 2px solid black;" | ens192 ip<br />
| style="border: 2px solid black;" | ens224 ip<br />
| style="border: 2px solid black;" | ens256 ip<br />
| style="border: 2px solid black;" | hostname<br />
|-<br />
| style="background-color:#ffff00; border: 2px solid black;" | VM y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 9xxy<br />
| style="background-color:#ffff00; border: 2px solid black;" | 172.20.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 192.168.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM 1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9141<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | do-not-use<br />
| style="background-color:#66cccc; border: 2px solid black;" | router<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM 2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9142<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | pri-dns<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM 3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9143<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | none<br />
| style="background-color:#66cccc; border: 2px solid black;" | co-nfs<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM 4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9144<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | rns-ldap<br />
|}<br />
<br />
=== Task 1 : setup and configure VM1 ===<br />
* ssh to your VM1 from matrix<br />
<pre><br />
ssh -p 9141 student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on the network dev 'ens192'.<br />
* run the 'nmtui' command under sudo and configure '''ens224''' with the appropriate IP address (192.168.xx.1) as shown.<br />
* install the 'epel-release' package<br />
* install the 'ansible' package<br />
* install the 'git' package<br />
* install the 'wget' package<br />
<br />
=== Task 2: setup and configure VM2 - VM4 ===<br />
* you can either ssh to your VM2 - VM4 from matrix or from your VM1.<br />
:* ssh to your VM2 - VM4 from matrix, replace [2-4] with 2, 3, or 4:<br />
<pre><br />
ssh -p 914[2-4] student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
:* ssh to your VM2 - VM4 from your VM1<br />
<pre><br />
ssh 172.20.14.[2-4]<br />
</pre><br />
<br />
==Investigation 2: Control Workstation Configuration==<br />
Perform the following steps on VM1 as root:<br />
<br />
==Investigation 3: Scripts for remote administrations==<br />
=== Task 1 ===<br />
Using bash scripts<br />
=== Task 2 ===<br />
Using Ansible Playbooks<br />
<br />
<br />
==Completing the Lab==<br />
<br />
<br />
Follow the instructions on Blackboard to submit the lab.<br />
<br />
==Exploration Questions==</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=OPS535-vl-lab-nfs&diff=155020OPS535-vl-lab-nfs2021-05-31T00:34:13Z<p>Rchan: /* Background */</p>
<hr />
<div>'''DO NOT USE - Work in Progress'''<br />
<font color='red'>DO NOT USE - Work in Progress</font><br />
[[Category: OPS535]][[Category: OPS535-Labs]][[Category: rchan]]<br />
=OPS535 Lab 2 (using Virtual Lab)=<br />
== Objectives ==<br />
* Set up and configure a private network for your assigned VMs in the OPS535 Virtual Lab for this lab, future labs, and assignments<br />
* Configure VM1 as your control workstation for performing remote administration tasks on VM[2-4]<br />
* Create and deploy remote administration scripts using bash/ansible<br />
<br />
==Pre-Requisites==<br />
:*Have access to the Seneca VPN and matrix.senecacollege.ca<br />
:*Complete the collection of baseline information on your assigned VMs (VM1, VM2, VM3, and VM4)<br />
:*Complete the [[OPS535-lab-nfs | Lab 2 - NFS lab]] on your home VMs<br />
<br />
==Investigation 1: VMs Configuration==<br />
=== Background ===<br />
You have ssh access to your assigned VMs from matrix.senecacollege.ca through the router ops535.myvmlab.senecacollege.ca, using the port numbers, user name, and corresponding password given on Blackboard. The access router will map the ports (9xxy) to the corresponding internal IP addresses (172.20.xx.y) of your VMs, where 'xx' is your assigned network number and 'y' is the VM number. The following table shows the port mapping and the network interfaces on each VM:<br />
<br />
{| class="wikitable" style="margin-left:50px; border: 2px solid black;"<br />
|- style="font-weight:bold; text-align:center;"<br />
| style="border: 2px solid black;" | VM<br />
| style="border: 2px solid black;" | Port<br />
| style="border: 2px solid black;" | ens192 ip<br />
| style="border: 2px solid black;" | ens224 ip<br />
| style="border: 2px solid black;" | ens256 ip<br />
| style="border: 2px solid black;" | hostname<br />
|-<br />
| style="background-color:#ffff00; border: 2px solid black;" | VMy<br />
| style="background-color:#ffff00; border: 2px solid black;" | 9xxy<br />
| style="background-color:#ffff00; border: 2px solid black;" | 172.20.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 192.168.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9141<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | do-not-use<br />
| style="background-color:#66cccc; border: 2px solid black;" | router<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9142<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | pri-dns<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9143<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | none<br />
| style="background-color:#66cccc; border: 2px solid black;" | co-nfs<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9144<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | rns-ldap<br />
|}<br />
<br />
=== Task 1 : setup and configure VM1 ===<br />
* ssh to your VM1 from matrix<br />
<pre><br />
ssh -p 9141 student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on the network dev 'ens192'.<br />
* run the 'nmtui' command under sudo and configure '''ens224''' with the appropriate IP address (192.168.xx.1) as shown.<br />
* install the 'epel-release' package<br />
* install the 'ansible' package<br />
* install the 'git' package<br />
* install the 'wget' package<br />
<br />
=== Task 2: setup and configure VM2 - VM4 ===<br />
* you can either ssh to your VM2 - VM4 from matrix or from your VM1.<br />
:* ssh to your VM2 - VM4 from matrix, replace [2-4] with 2, 3, or 4:<br />
<pre><br />
ssh -p 914[2-4] student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
:* ssh to your VM2 - VM4 from your VM1<br />
<pre><br />
ssh 172.20.14.[2-4]<br />
</pre><br />
<br />
==Investigation 2: Control Workstation Configuration==<br />
Perform the following steps on VM1 as root:<br />
<br />
==Investigation 3: Scripts for remote administrations==<br />
=== Task 1 ===<br />
Using bash scripts<br />
=== Task 2 ===<br />
Using Ansible Playbooks<br />
<br />
<br />
==Completing the Lab==<br />
<br />
<br />
Follow the instructions on Blackboard to submit the lab.<br />
<br />
==Exploration Questions==</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=OPS535-vl-lab-nfs&diff=155019OPS535-vl-lab-nfs2021-05-31T00:29:43Z<p>Rchan: /* Task 1 : setup and configure VM1 */</p>
<hr />
<div>'''DO NOT USE - Work in Progress'''<br />
<font color='red'>DO NOT USE - Work in Progress</font><br />
[[Category: OPS535]][[Category: OPS535-Labs]][[Category: rchan]]<br />
=OPS535 Lab 2 (using Virtual Lab)=<br />
== Objectives ==<br />
* Set up and configure a private network for your assigned VMs in the OPS535 Virtual Lab for this lab, future labs, and assignments<br />
* Configure VM1 as your control workstation for performing remote administration tasks on VM[2-4]<br />
* Create and deploy remote administration scripts using bash/ansible<br />
<br />
==Pre-Requisites==<br />
:*Have access to the Seneca VPN and matrix.senecacollege.ca<br />
:*Complete the collection of baseline information on your assigned VMs (VM1, VM2, VM3, and VM4)<br />
:*Complete the [[OPS535-lab-nfs | Lab 2 - NFS lab]] on your home VMs<br />
<br />
==Investigation 1: VMs Configuration==<br />
=== Background ===<br />
You have ssh access to your assigned VMs from matrix.senecacollege.ca through the router ops535.myvmlab.senecacollege.ca, using the port numbers, user name, and corresponding password given on Blackboard. The access router will map the ports (9xxy) to the corresponding internal IP addresses (172.20.xx.y) of your VMs, where 'xx' is your assigned network number and 'y' is the VM number. The following table shows the port mapping and the network interfaces on each VM:<br />
<br />
{| class="wikitable" style="margin-left:50px; border: 2px solid black;"<br />
|- style="font-weight:bold; text-align:center;"<br />
| style="border: 2px solid black;" | VM<br />
| style="border: 2px solid black;" | Port<br />
| style="border: 2px solid black;" | ens192 ip<br />
| style="border: 2px solid black;" | ens224 ip<br />
| style="border: 2px solid black;" | ens256 ip<br />
|-<br />
| style="background-color:#ffff00; border: 2px solid black;" | VMy<br />
| style="background-color:#ffff00; border: 2px solid black;" | 9xxy<br />
| style="background-color:#ffff00; border: 2px solid black;" | 172.20.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 192.168.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9141<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | do-not-use<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9142<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9143<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | none<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9144<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
|}<br />
<br />
=== Task 1 : setup and configure VM1 ===<br />
* ssh to your VM1 from matrix<br />
<pre><br />
ssh -p 9141 student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on the network dev 'ens192'.<br />
* run the 'nmtui' command under sudo and configure '''ens224''' with the appropriate IP address (192.168.xx.1) as shown.<br />
* install the 'epel-release' package<br />
* install the 'ansible' package<br />
* install the 'git' package<br />
* install the 'wget' package<br />
<br />
=== Task 2: setup and configure VM2 - VM4 ===<br />
* you can either ssh to your VM2 - VM4 from matrix or from your VM1.<br />
:* ssh to your VM2 - VM4 from matrix, replace [2-4] with 2, 3, or 4:<br />
<pre><br />
ssh -p 914[2-4] student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
:* ssh to your VM2 - VM4 from your VM1<br />
<pre><br />
ssh 172.20.14.[2-4]<br />
</pre><br />
<br />
==Investigation 2: Control Workstation Configuration==<br />
Perform the following steps on VM1 as root:<br />
<br />
==Investigation 3: Scripts for remote administrations==<br />
=== Task 1 ===<br />
Using bash scripts<br />
=== Task 2 ===<br />
Using Ansible Playbooks<br />
<br />
<br />
==Completing the Lab==<br />
<br />
<br />
Follow the instructions on Blackboard to submit the lab.<br />
<br />
==Exploration Questions==</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=OPS535-vl-lab-nfs&diff=155018OPS535-vl-lab-nfs2021-05-31T00:29:09Z<p>Rchan: /* Objectives */</p>
<hr />
<div>'''DO NOT USE - Work in Progress'''<br />
<font color='red'>DO NOT USE - Work in Progress</font><br />
[[Category: OPS535]][[Category: OPS535-Labs]][[Category: rchan]]<br />
=OPS535 Lab 2 (using Virtual Lab)=<br />
== Objectives ==<br />
* Set up and configure a private network for your assigned VMs in the OPS535 Virtual Lab for this lab, future labs, and assignments<br />
* Configure VM1 as your control workstation for performing remote administration tasks on VM[2-4]<br />
* Create and deploy remote administration scripts using bash/ansible<br />
<br />
==Pre-Requisites==<br />
:*Have access to the Seneca VPN and matrix.senecacollege.ca<br />
:*Complete the collection of baseline information on your assigned VMs (VM1, VM2, VM3, and VM4)<br />
:*Complete the [[OPS535-lab-nfs | Lab 2 - NFS lab]] on your home VMs<br />
<br />
==Investigation 1: VMs Configuration==<br />
=== Background ===<br />
You have ssh access to your assigned VMs from matrix.senecacollege.ca via the router ops535.myvmlab.senecacollege.ca, using the port numbers, user name, and corresponding password given on Blackboard. The access router maps each port (9xxy) to the corresponding internal IP address (172.20.xx.y) of your VM, where 'xx' is your assigned network number and 'y' is the VM number. The following are the port mappings and the network interfaces on each VM:<br />
<br />
{| class="wikitable" style="margin-left:50px; border: 2px solid black;"<br />
|- style="font-weight:bold; text-align:center;"<br />
| style="border: 2px solid black;" | VM<br />
| style="border: 2px solid black;" | Port<br />
| style="border: 2px solid black;" | ens192 ip<br />
| style="border: 2px solid black;" | ens224 ip<br />
| style="border: 2px solid black;" | ens256 ip<br />
|-<br />
| style="background-color:#ffff00; border: 2px solid black;" | VMy<br />
| style="background-color:#ffff00; border: 2px solid black;" | 9xxy<br />
| style="background-color:#ffff00; border: 2px solid black;" | 172.20.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 192.168.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9141<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | do-not-use<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9142<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9143<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | none<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9144<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
|}<br />
<br />
=== Task 1 : setup and configure VM1 ===<br />
* ssh to your VM1 from matrix<br />
<pre><br />
ssh -p 9141 student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on the network dev 'ens192'.<br />
* run the 'nmtui' command under sudo and configure '''ens224''' with the appropriate IP address (192.168.xx.1) as shown.<br />
* install the 'epel-release' package<br />
* install the 'ansible' package<br />
* install the 'git' package<br />
* install the 'wget' package<br />
* configure ssh key-based access from your VM1 to VM[2-4] for the 'student' account.<br />
<br />
=== Task 2: setup and configure VM2 - VM4 ===<br />
* you can either ssh to your VM2 - VM4 from matrix or from your VM1.<br />
:* ssh to your VM2 - VM4 from matrix, replace [2-4] with 2, 3, or 4:<br />
<pre><br />
ssh -p 914[2-4] student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
:* ssh to your VM2 - VM4 from your VM1<br />
<pre><br />
ssh 172.20.14.[2-4]<br />
</pre><br />
<br />
==Investigation 2: Control Workstation Configuration==<br />
Perform the following steps on VM1 as root:<br />
<br />
==Investigation 3: Scripts for remote administrations==<br />
=== Task 1 ===<br />
Using bash scripts<br />
=== Task 2 ===<br />
Using Ansible Playbooks<br />
<br />
<br />
==Completing the Lab==<br />
<br />
<br />
Follow the instructions on Blackboard to submit the lab.<br />
<br />
==Exploration Questions==</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=OPS535-vl-lab-nfs&diff=155017OPS535-vl-lab-nfs2021-05-31T00:26:43Z<p>Rchan: /* Task 1 : setup and configure VM1 */</p>
<hr />
<div>'''DO NOT USE - Work in Progress'''<br />
<font color='red'>DO NOT USE - Work in Progress</font><br />
[[Category: OPS535]][[Category: OPS535-Labs]][[Category: rchan]]<br />
=OPS535 Lab 2 (using Virtual Lab)=<br />
== Objectives ==<br />
* Set up and configure your assigned VMs in the OPS535 Virtual Lab for this lab, future labs, and assignments<br />
* Configure one of the VMs as your control workstation for remote administration tasks<br />
* Create and deploy remote administration scripts using bash/ansible<br />
<br />
==Pre-Requisites==<br />
:*Have access to the Seneca VPN and matrix.senecacollege.ca<br />
:*Complete the collection of baseline information on your assigned VMs (VM1, VM2, VM3, and VM4)<br />
:*Complete the [[OPS535-lab-nfs | Lab 2 - NFS lab]] on your home VMs<br />
<br />
==Investigation 1: VMs Configuration==<br />
=== Background ===<br />
You have ssh access to your assigned VMs from matrix.senecacollege.ca via the router ops535.myvmlab.senecacollege.ca, using the port numbers, user name, and corresponding password given on Blackboard. The access router maps each port (9xxy) to the corresponding internal IP address (172.20.xx.y) of your VM, where 'xx' is your assigned network number and 'y' is the VM number. The following are the port mappings and the network interfaces on each VM:<br />
<br />
{| class="wikitable" style="margin-left:50px; border: 2px solid black;"<br />
|- style="font-weight:bold; text-align:center;"<br />
| style="border: 2px solid black;" | VM<br />
| style="border: 2px solid black;" | Port<br />
| style="border: 2px solid black;" | ens192 ip<br />
| style="border: 2px solid black;" | ens224 ip<br />
| style="border: 2px solid black;" | ens256 ip<br />
|-<br />
| style="background-color:#ffff00; border: 2px solid black;" | VMy<br />
| style="background-color:#ffff00; border: 2px solid black;" | 9xxy<br />
| style="background-color:#ffff00; border: 2px solid black;" | 172.20.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 192.168.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9141<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | do-not-use<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9142<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9143<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | none<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9144<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
|}<br />
<br />
=== Task 1 : setup and configure VM1 ===<br />
* ssh to your VM1 from matrix<br />
<pre><br />
ssh -p 9141 student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on the network dev 'ens192'.<br />
* run the 'nmtui' command under sudo and configure '''ens224''' with the appropriate IP address (192.168.xx.1) as shown.<br />
* install the 'epel-release' package<br />
* install the 'ansible' package<br />
* install the 'git' package<br />
* install the 'wget' package<br />
* configure ssh key-based access from your VM1 to VM[2-4] for the 'student' account.<br />
<br />
=== Task 2: setup and configure VM2 - VM4 ===<br />
* you can either ssh to your VM2 - VM4 from matrix or from your VM1.<br />
:* ssh to your VM2 - VM4 from matrix, replace [2-4] with 2, 3, or 4:<br />
<pre><br />
ssh -p 914[2-4] student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
:* ssh to your VM2 - VM4 from your VM1<br />
<pre><br />
ssh 172.20.14.[2-4]<br />
</pre><br />
<br />
==Investigation 2: Control Workstation Configuration==<br />
Perform the following steps on VM1 as root:<br />
<br />
==Investigation 3: Scripts for remote administrations==<br />
=== Task 1 ===<br />
Using bash scripts<br />
=== Task 2 ===<br />
Using Ansible Playbooks<br />
<br />
<br />
==Completing the Lab==<br />
<br />
<br />
Follow the instructions on Blackboard to submit the lab.<br />
<br />
==Exploration Questions==</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=OPS535-vl-lab-nfs&diff=155016OPS535-vl-lab-nfs2021-05-31T00:24:34Z<p>Rchan: /* Task 2: setup and configure VM2 - VM4 */</p>
<hr />
<div>'''DO NOT USE - Work in Progress'''<br />
<font color='red'>DO NOT USE - Work in Progress</font><br />
[[Category: OPS535]][[Category: OPS535-Labs]][[Category: rchan]]<br />
=OPS535 Lab 2 (using Virtual Lab)=<br />
== Objectives ==<br />
* Set up and configure your assigned VMs in the OPS535 Virtual Lab for this lab, future labs, and assignments<br />
* Configure one of the VMs as your control workstation for remote administration tasks<br />
* Create and deploy remote administration scripts using bash/ansible<br />
<br />
==Pre-Requisites==<br />
:*Have access to the Seneca VPN and matrix.senecacollege.ca<br />
:*Complete the collection of baseline information on your assigned VMs (VM1, VM2, VM3, and VM4)<br />
:*Complete the [[OPS535-lab-nfs | Lab 2 - NFS lab]] on your home VMs<br />
<br />
==Investigation 1: VMs Configuration==<br />
=== Background ===<br />
You have ssh access to your assigned VMs from matrix.senecacollege.ca via the router ops535.myvmlab.senecacollege.ca, using the port numbers, user name, and corresponding password given on Blackboard. The access router maps each port (9xxy) to the corresponding internal IP address (172.20.xx.y) of your VM, where 'xx' is your assigned network number and 'y' is the VM number. The following are the port mappings and the network interfaces on each VM:<br />
<br />
{| class="wikitable" style="margin-left:50px; border: 2px solid black;"<br />
|- style="font-weight:bold; text-align:center;"<br />
| style="border: 2px solid black;" | VM<br />
| style="border: 2px solid black;" | Port<br />
| style="border: 2px solid black;" | ens192 ip<br />
| style="border: 2px solid black;" | ens224 ip<br />
| style="border: 2px solid black;" | ens256 ip<br />
|-<br />
| style="background-color:#ffff00; border: 2px solid black;" | VMy<br />
| style="background-color:#ffff00; border: 2px solid black;" | 9xxy<br />
| style="background-color:#ffff00; border: 2px solid black;" | 172.20.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 192.168.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9141<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | do-not-use<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9142<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9143<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | none<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9144<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
|}<br />
<br />
=== Task 1 : setup and configure VM1 ===<br />
* ssh to your VM1 from matrix<br />
<pre><br />
ssh -p 9141 student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on the network dev 'ens192'.<br />
* run the 'nmtui' command under sudo and configure '''ens224''' with the appropriate IP address (192.168.xx.1) as shown.<br />
<br />
=== Task 2: setup and configure VM2 - VM4 ===<br />
* you can either ssh to your VM2 - VM4 from matrix or from your VM1.<br />
:* ssh to your VM2 - VM4 from matrix, replace [2-4] with 2, 3, or 4:<br />
<pre><br />
ssh -p 914[2-4] student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
:* ssh to your VM2 - VM4 from your VM1<br />
<pre><br />
ssh 172.20.14.[2-4]<br />
</pre><br />
<br />
==Investigation 2: Control Workstation Configuration==<br />
Perform the following steps on VM1 as root:<br />
<br />
==Investigation 3: Scripts for remote administrations==<br />
=== Task 1 ===<br />
Using bash scripts<br />
=== Task 2 ===<br />
Using Ansible Playbooks<br />
<br />
<br />
==Completing the Lab==<br />
<br />
<br />
Follow the instructions on Blackboard to submit the lab.<br />
<br />
==Exploration Questions==</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=OPS535-vl-lab-nfs&diff=155015OPS535-vl-lab-nfs2021-05-31T00:23:49Z<p>Rchan: /* Task 1 : setup and configure VM1 */</p>
<hr />
<div>'''DO NOT USE - Work in Progress'''<br />
<font color='red'>DO NOT USE - Work in Progress</font><br />
[[Category: OPS535]][[Category: OPS535-Labs]][[Category: rchan]]<br />
=OPS535 Lab 2 (using Virtual Lab)=<br />
== Objectives ==<br />
* Set up and configure your assigned VMs in the OPS535 Virtual Lab for this lab, future labs, and assignments<br />
* Configure one of the VMs as your control workstation for remote administration tasks<br />
* Create and deploy remote administration scripts using bash/ansible<br />
<br />
==Pre-Requisites==<br />
:*Have access to the Seneca VPN and matrix.senecacollege.ca<br />
:*Complete the collection of baseline information on your assigned VMs (VM1, VM2, VM3, and VM4)<br />
:*Complete the [[OPS535-lab-nfs | Lab 2 - NFS lab]] on your home VMs<br />
<br />
==Investigation 1: VMs Configuration==<br />
=== Background ===<br />
You have ssh access to your assigned VMs from matrix.senecacollege.ca via the router ops535.myvmlab.senecacollege.ca, using the port numbers, user name, and corresponding password given on Blackboard. The access router maps each port (9xxy) to the corresponding internal IP address (172.20.xx.y) of your VM, where 'xx' is your assigned network number and 'y' is the VM number. The following are the port mappings and the network interfaces on each VM:<br />
<br />
{| class="wikitable" style="margin-left:50px; border: 2px solid black;"<br />
|- style="font-weight:bold; text-align:center;"<br />
| style="border: 2px solid black;" | VM<br />
| style="border: 2px solid black;" | Port<br />
| style="border: 2px solid black;" | ens192 ip<br />
| style="border: 2px solid black;" | ens224 ip<br />
| style="border: 2px solid black;" | ens256 ip<br />
|-<br />
| style="background-color:#ffff00; border: 2px solid black;" | VMy<br />
| style="background-color:#ffff00; border: 2px solid black;" | 9xxy<br />
| style="background-color:#ffff00; border: 2px solid black;" | 172.20.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 192.168.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9141<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | do-not-use<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9142<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9143<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | none<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9144<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
|}<br />
<br />
=== Task 1 : setup and configure VM1 ===<br />
* ssh to your VM1 from matrix<br />
<pre><br />
ssh -p 9141 student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on the network dev 'ens192'.<br />
* run the 'nmtui' command under sudo and configure '''ens224''' with the appropriate IP address (192.168.xx.1) as shown.<br />
<br />
=== Task 2: setup and configure VM2 - VM4 ===<br />
* you can either ssh to your VM2 - VM4 from matrix or from your VM1.<br />
** ssh to your VM2 - VM4 from matrix, replace [2-4] with 2, 3, or 4:<br />
<pre><br />
ssh -p 914[2-4] student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
** ssh to your VM2 - VM4 from your VM1<br />
<pre><br />
ssh 172.20.14.[2-4]<br />
</pre><br />
<br />
==Investigation 2: Control Workstation Configuration==<br />
Perform the following steps on VM1 as root:<br />
<br />
==Investigation 3: Scripts for remote administrations==<br />
=== Task 1 ===<br />
Using bash scripts<br />
=== Task 2 ===<br />
Using Ansible Playbooks<br />
<br />
<br />
==Completing the Lab==<br />
<br />
<br />
Follow the instructions on Blackboard to submit the lab.<br />
<br />
==Exploration Questions==</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=OPS535-vl-lab-nfs&diff=155014OPS535-vl-lab-nfs2021-05-31T00:19:26Z<p>Rchan: /* Investigation 1: VMs Configuration */</p>
<hr />
<div>'''DO NOT USE - Work in Progress'''<br />
<font color='red'>DO NOT USE - Work in Progress</font><br />
[[Category: OPS535]][[Category: OPS535-Labs]][[Category: rchan]]<br />
=OPS535 Lab 2 (using Virtual Lab)=<br />
== Objectives ==<br />
* Set up and configure your assigned VMs in the OPS535 Virtual Lab for this lab, future labs, and assignments<br />
* Configure one of the VMs as your control workstation for remote administration tasks<br />
* Create and deploy remote administration scripts using bash/ansible<br />
<br />
==Pre-Requisites==<br />
:*Have access to the Seneca VPN and matrix.senecacollege.ca<br />
:*Complete the collection of baseline information on your assigned VMs (VM1, VM2, VM3, and VM4)<br />
:*Complete the [[OPS535-lab-nfs | Lab 2 - NFS lab]] on your home VMs<br />
<br />
==Investigation 1: VMs Configuration==<br />
=== Background ===<br />
You have ssh access to your assigned VMs from matrix.senecacollege.ca via the router ops535.myvmlab.senecacollege.ca, using the port numbers, user name, and corresponding password given on Blackboard. The access router maps each port (9xxy) to the corresponding internal IP address (172.20.xx.y) of your VM, where 'xx' is your assigned network number and 'y' is the VM number. The following are the port mappings and the network interfaces on each VM:<br />
<br />
{| class="wikitable" style="margin-left:50px; border: 2px solid black;"<br />
|- style="font-weight:bold; text-align:center;"<br />
| style="border: 2px solid black;" | VM<br />
| style="border: 2px solid black;" | Port<br />
| style="border: 2px solid black;" | ens192 ip<br />
| style="border: 2px solid black;" | ens224 ip<br />
| style="border: 2px solid black;" | ens256 ip<br />
|-<br />
| style="background-color:#ffff00; border: 2px solid black;" | VMy<br />
| style="background-color:#ffff00; border: 2px solid black;" | 9xxy<br />
| style="background-color:#ffff00; border: 2px solid black;" | 172.20.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 192.168.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9141<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | do-not-use<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9142<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9143<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | none<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9144<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
|}<br />
<br />
=== Task 1 : setup and configure VM1 ===<br />
* ssh to your VM1 from matrix<br />
<pre><br />
ssh -p 9141 student@ops535.myvmlab.senecacollege.ca<br />
</pre><br />
* confirm the IP address on the network dev 'ens192'.<br />
* run the 'nmtui' command under sudo and configure '''ens224''' with the appropriate IP address (192.168.xx.1) as shown.<br />
<br />
==Investigation 2: Control Workstation Configuration==<br />
Perform the following steps on VM1 as root:<br />
<br />
==Investigation 3: Scripts for remote administrations==<br />
=== Task 1 ===<br />
Using bash scripts<br />
=== Task 2 ===<br />
Using Ansible Playbooks<br />
<br />
<br />
==Completing the Lab==<br />
<br />
<br />
Follow the instructions on Blackboard to submit the lab.<br />
<br />
==Exploration Questions==</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=OPS535-vl-lab-nfs&diff=155013OPS535-vl-lab-nfs2021-05-31T00:10:55Z<p>Rchan: /* Background */</p>
<hr />
<div>'''DO NOT USE - Work in Progress'''<br />
<font color='red'>DO NOT USE - Work in Progress</font><br />
[[Category: OPS535]][[Category: OPS535-Labs]][[Category: rchan]]<br />
=OPS535 Lab 2 (using Virtual Lab)=<br />
== Objectives ==<br />
* Set up and configure your assigned VMs in the OPS535 Virtual Lab for this lab, future labs, and assignments<br />
* Configure one of the VMs as your control workstation for remote administration tasks<br />
* Create and deploy remote administration scripts using bash/ansible<br />
<br />
==Pre-Requisites==<br />
:*Have access to the Seneca VPN and matrix.senecacollege.ca<br />
:*Complete the collection of baseline information on your assigned VMs (VM1, VM2, VM3, and VM4)<br />
:*Complete the [[OPS535-lab-nfs | Lab 2 - NFS lab]] on your home VMs<br />
<br />
==Investigation 1: VMs Configuration==<br />
=== Background ===<br />
You have ssh access to your assigned VMs from matrix.senecacollege.ca via the router ops535.myvmlab.senecacollege.ca, using the port numbers, user name, and corresponding password given on Blackboard. The access router maps each port (9xxy) to the corresponding internal IP address (172.20.xx.y) of your VM, where 'xx' is your assigned network number and 'y' is the VM number. The following are the port mappings and the network interfaces on each VM:<br />
<br />
{| class="wikitable" style="margin-left:50px; border: 2px solid black;"<br />
|- style="font-weight:bold; text-align:center;"<br />
| style="border: 2px solid black;" | VM<br />
| style="border: 2px solid black;" | Port<br />
| style="border: 2px solid black;" | ens192 ip<br />
| style="border: 2px solid black;" | ens224 ip<br />
| style="border: 2px solid black;" | ens256 ip<br />
|-<br />
| style="background-color:#ffff00; border: 2px solid black;" | VMy<br />
| style="background-color:#ffff00; border: 2px solid black;" | 9xxy<br />
| style="background-color:#ffff00; border: 2px solid black;" | 172.20.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | 192.168.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | ----<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9141<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | do-not-use<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9142<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9143<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | none<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9144<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
|}<br />
<br />
Perform the following steps on vm2:<br />
<br />
==Investigation 2: Control Workstation Configuration==<br />
Perform the following steps on VM1 as root:<br />
<br />
==Investigation 3: Scripts for remote administrations==<br />
=== Task 1 ===<br />
Using bash scripts<br />
=== Task 2 ===<br />
Using Ansible Playbooks<br />
<br />
<br />
==Completing the Lab==<br />
<br />
<br />
Follow the instructions on Blackboard to submit the lab.<br />
<br />
==Exploration Questions==</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=OPS535-vl-lab-nfs&diff=155012OPS535-vl-lab-nfs2021-05-31T00:06:59Z<p>Rchan: /* Background */</p>
<hr />
<div>'''DO NOT USE - Work in Progress'''<br />
<font color='red'>DO NOT USE - Work in Progress</font><br />
[[Category: OPS535]][[Category: OPS535-Labs]][[Category: rchan]]<br />
=OPS535 Lab 2 (using Virtual Lab)=<br />
== Objectives ==<br />
* Set up and configure your assigned VMs in the OPS535 Virtual Lab for this lab, future labs, and assignments<br />
* Configure one of the VMs as your control workstation for remote administration tasks<br />
* Create and deploy remote administration scripts using bash/ansible<br />
<br />
==Pre-Requisites==<br />
:*Have access to the Seneca VPN and matrix.senecacollege.ca<br />
:*Complete the collection of baseline information on your assigned VMs (VM1, VM2, VM3, and VM4)<br />
:*Complete the [[OPS535-lab-nfs | Lab 2 - NFS lab]] on your home VMs<br />
<br />
==Investigation 1: VMs Configuration==<br />
=== Background ===<br />
You have ssh access to your assigned VMs from matrix.senecacollege.ca via the router ops535.myvmlab.senecacollege.ca, using the port numbers, user name, and corresponding password given on Blackboard. The access router maps each port (9xxy) to the corresponding internal IP address (172.20.xx.y) of your VM, where 'xx' is your assigned network number and 'y' is the VM number. The following are the port mappings and the network interfaces on each VM:<br />
<br />
{| class="wikitable" style="margin-left:50px; border: 2px solid black;"<br />
|- style="font-weight:bold; text-align:center;"<br />
| style="border: 2px solid black;" | VM<br />
| style="border: 2px solid black;" | Port<br />
| style="border: 2px solid black;" | dev<br />
| style="border: 2px solid black;" | ip addr<br />
| style="border: 2px solid black;" | dev<br />
| style="border: 2px solid black;" | ip addr<br />
| style="border: 2px solid black;" | dev<br />
| style="border: 2px solid black;" | ip addr<br />
|-<br />
| style="background-color:#ffff00; border: 2px solid black;" | VMy<br />
| style="background-color:#ffff00; border: 2px solid black;" | 9xxy<br />
| style="background-color:#ffff00; border: 2px solid black;" | ens192<br />
| style="background-color:#ffff00; border: 2px solid black;" | 172.20.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | ens224<br />
| style="background-color:#ffff00; border: 2px solid black;" | 192.168.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | ens256<br />
| style="background-color:#ffff00; border: 2px solid black;" | do-not-use<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9141<br />
| style="background-color:#66cccc; border: 2px solid black;" | ens192<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | ens224<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | ens256<br />
| style="background-color:#66cccc; border: 2px solid black;" | do-not-use<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9142<br />
| style="background-color:#cccc66; border: 2px solid black;" | ens192<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | ens224<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9143<br />
| style='background-color:#66cccc; border: 2px solid black;" | ens192<br />
| style='background-color:#66cccc; border: 2px solid black;" | 172.20.14.3<br />
| style='background-color:#66cccc; border: 2px solid black;" | ens224<br />
| style='background-color:#66cccc; border: 2px solid black;" | 192.168.14.3<br />
| style='background-color:#66cccc; border: 2px solid black;" | none<br />
| style='background-color:#66cccc; border: 2px solid black;" | none<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9144<br />
| style='background-color:#cccc66; border: 2px solid black;" | ens192<br />
| style='background-color:#cccc66; border: 2px solid black;" | 172.20.14.4<br />
| style='background-color:#cccc66; border: 2px solid black;" | ens224<br />
| style='background-color:#cccc66; border: 2px solid black;" | 192.168.14.4<br />
| style='background-color:#cccc66; border: 2px solid black;" | none<br />
| style='background-color:#cccc66; border: 2px solid black;" | none<br />
|}<br />
<br />
Perform the following steps on VM2:<br />
<br />
==Investigation 2: Control Workstation Configuration==<br />
Perform the following steps on VM1 as root:<br />
<br />
==Investigation 3: Scripts for remote administration==<br />
=== Task 1 ===<br />
Using bash scripts<br />
=== Task 2 ===<br />
Using Ansible Playbooks<br />
<br />
<br />
==Completing the Lab==<br />
<br />
<br />
Follow the instructions on Blackboard to submit the lab.<br />
<br />
==Exploration Questions==</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=OPS535-vl-lab-nfs&diff=155011OPS535-vl-lab-nfs2021-05-31T00:05:39Z<p>Rchan: /* Background */</p>
<hr />
<div>'''DO NOT USE - Work in Progress'''<br />
<font color='red'>DO NOT USE - Work in Progress</font><br />
[[Category: OPS535]][[Category: OPS535-Labs]][[Category: rchan]]<br />
=OPS535 Lab 2 (using Virtual Lab)=<br />
== Objectives ==<br />
* Set up and configure your assigned VMs in the OPS535 Virtual Lab for this lab, future labs, and assignments<br />
* Configure one of the VMs as your control workstation for remote administration tasks<br />
* Create and deploy remote administration scripts using bash/ansible<br />
<br />
==Pre-Requisites==<br />
:*Have access to the Seneca VPN and matrix.senecacollege.ca<br />
:*Complete the collection of baseline information on your assigned VMs (VM1, VM2, VM3, and VM4)<br />
:*Complete the [[OPS535-lab-nfs | Lab 2 - NFS lab]] on your home VMs<br />
<br />
==Investigation 1: VMs Configuration==<br />
=== Background ===<br />
You have SSH access to your assigned VMs from matrix.senecacollege.ca, via the router ops535.myvmlab.senecacollege.ca, using the port numbers, user name, and corresponding password given on Blackboard. The access router maps each port (9xxy) to the corresponding internal IP address (172.20.xx.y) of your VMs. The following are the port mappings and the network interfaces on each VM:<br />
<br />
{| class="wikitable" style="margin-left:50px; border: 2px solid black;"<br />
|- style="font-weight:bold; text-align:center;"<br />
| style="border: 2px solid black;" | VM<br />
| style="border: 2px solid black;" | Port<br />
| style="border: 2px solid black;" | dev<br />
| style="border: 2px solid black;" | ip addr<br />
| style="border: 2px solid black;" | dev<br />
| style="border: 2px solid black;" | ip addr<br />
| style="border: 2px solid black;" | dev<br />
| style="border: 2px solid black;" | ip addr<br />
|-<br />
| style="background-color:#ffff00; border: 2px solid black;" | VMy<br />
| style="background-color:#ffff00; border: 2px solid black;" | 9xxy<br />
| style="background-color:#ffff00; border: 2px solid black;" | ens192<br />
| style="background-color:#ffff00; border: 2px solid black;" | 172.20.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | ens224<br />
| style="background-color:#ffff00; border: 2px solid black;" | 192.168.xx.y<br />
| style="background-color:#ffff00; border: 2px solid black;" | ens256<br />
| style="background-color:#ffff00; border: 2px solid black;" | do-not-use<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9141<br />
| style="background-color:#66cccc; border: 2px solid black;" | ens192<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | ens224<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | ens256<br />
| style="background-color:#66cccc; border: 2px solid black;" | do-not-use<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9142<br />
| style="background-color:#cccc66; border: 2px solid black;" | ens192<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | ens224<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9143<br />
| style="background-color:#66cccc; border: 2px solid black;" | ens192<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | ens224<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | none<br />
| style="background-color:#66cccc; border: 2px solid black;" | none<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9144<br />
| style="background-color:#cccc66; border: 2px solid black;" | ens192<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | ens224<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
|}<br />
<br />
Perform the following steps on VM2:<br />
<br />
==Investigation 2: Control Workstation Configuration==<br />
Perform the following steps on VM1 as root:<br />
<br />
==Investigation 3: Scripts for remote administration==<br />
=== Task 1 ===<br />
Using bash scripts<br />
=== Task 2 ===<br />
Using Ansible Playbooks<br />
<br />
<br />
==Completing the Lab==<br />
<br />
<br />
Follow the instructions on Blackboard to submit the lab.<br />
<br />
==Exploration Questions==</div>Rchanhttps://wiki.cdot.senecacollege.ca/w/index.php?title=OPS535-vl-lab-nfs&diff=155010OPS535-vl-lab-nfs2021-05-31T00:02:31Z<p>Rchan: /* Background */</p>
<hr />
<div>'''DO NOT USE - Work in Progress'''<br />
<font color='red'>DO NOT USE - Work in Progress</font><br />
[[Category: OPS535]][[Category: OPS535-Labs]][[Category: rchan]]<br />
=OPS535 Lab 2 (using Virtual Lab)=<br />
== Objectives ==<br />
* Set up and configure your assigned VMs in the OPS535 Virtual Lab for this lab, future labs, and assignments<br />
* Configure one of the VMs as your control workstation for remote administration tasks<br />
* Create and deploy remote administration scripts using bash/ansible<br />
<br />
==Pre-Requisites==<br />
:*Have access to the Seneca VPN and matrix.senecacollege.ca<br />
:*Complete the collection of baseline information on your assigned VMs (VM1, VM2, VM3, and VM4)<br />
:*Complete the [[OPS535-lab-nfs | Lab 2 - NFS lab]] on your home VMs<br />
<br />
==Investigation 1: VMs Configuration==<br />
=== Background ===<br />
You have SSH access to your assigned VMs from matrix.senecacollege.ca, via the router ops535.myvmlab.senecacollege.ca, using the port numbers, user name, and corresponding password given on Blackboard. The access router maps each port (9xxy) to the corresponding internal IP address (172.20.xx.y) of your VMs. The following are the port mappings and the network interfaces on each VM:<br />
<br />
{| class="wikitable" style="margin-left:50px; border: 2px solid black;"<br />
|- style="font-weight:bold; text-align:center;"<br />
| style="border: 2px solid black;" | VM<br />
| style="border: 2px solid black;" | Port<br />
| style="border: 2px solid black;" | dev<br />
| style="border: 2px solid black;" | ip addr<br />
| style="border: 2px solid black;" | dev<br />
| style="border: 2px solid black;" | ip addr<br />
| style="border: 2px solid black;" | dev<br />
| style="border: 2px solid black;" | ip addr<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM1<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9141<br />
| style="background-color:#66cccc; border: 2px solid black;" | ens192<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | ens224<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.1<br />
| style="background-color:#66cccc; border: 2px solid black;" | ens256<br />
| style="background-color:#66cccc; border: 2px solid black;" | do-not-use<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM2<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9142<br />
| style="background-color:#cccc66; border: 2px solid black;" | ens192<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | ens224<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.2<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
|-<br />
| style="background-color:#66cccc; border: 2px solid black;" | VM3<br />
| style="background-color:#66cccc; border: 2px solid black;" | 9143<br />
| style="background-color:#66cccc; border: 2px solid black;" | ens192<br />
| style="background-color:#66cccc; border: 2px solid black;" | 172.20.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | ens224<br />
| style="background-color:#66cccc; border: 2px solid black;" | 192.168.14.3<br />
| style="background-color:#66cccc; border: 2px solid black;" | none<br />
| style="background-color:#66cccc; border: 2px solid black;" | none<br />
|-<br />
| style="background-color:#cccc66; border: 2px solid black;" | VM4<br />
| style="background-color:#cccc66; border: 2px solid black;" | 9144<br />
| style="background-color:#cccc66; border: 2px solid black;" | ens192<br />
| style="background-color:#cccc66; border: 2px solid black;" | 172.20.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | ens224<br />
| style="background-color:#cccc66; border: 2px solid black;" | 192.168.14.4<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
| style="background-color:#cccc66; border: 2px solid black;" | none<br />
|}<br />
<br />
Perform the following steps on VM2:<br />
<br />
==Investigation 2: Control Workstation Configuration==<br />
Perform the following steps on VM1 as root:<br />
<br />
==Investigation 3: Scripts for remote administration==<br />
=== Task 1 ===<br />
Using bash scripts<br />
=== Task 2 ===<br />
Using Ansible Playbooks<br />
<br />
<br />
==Completing the Lab==<br />
<br />
<br />
Follow the instructions on Blackboard to submit the lab.<br />
<br />
==Exploration Questions==</div>Rchan