== Objectives OBJECTIVE & PREPARATION ==*Install your host machine (Centos 7)*Install 3 virtual machines (VMs) (Fedora 22 - Server)*Prepare for lab exercises.

== Required materials ==*Centos 7 Installation DVD*One SATA hard disk in This lab is a repeat of a removable drive tray portion of lab1 (minimum 250GBand some of lab2) - It is strongly advised that you dedicate a drive for already performed in OPS235 plus some newer content that relates to this course onlyweek's notes.*Recommended You are expected to be able to complete all this using your existing skills and knowledge or refer back to your OPS235 lab- USB drive (8 GB+) for creating and storing backups (Virtual Machines, configuration files)book or OPS235 WIKI notes.

=== Installation instructions for Centos 7 Required materials ===#Download a copy of the Centos 7 installation DVD (64 bit edition) from the Centos web site or belmont. Note: we'll be using the 64 bit version of Centos because all of our lab computers are equiped with Intel 64 bit mainboards and CPUs. We'll also be using a Fedora iso for installing the virtual machines, but you will not need to burn that to a disc. It is faster to download the ISO and install directly from it.#* '''Seneca's mirror of Centos:''' http://belmont.senecacollege.ca/pub/centos/7/isos/x86_64/CentOS-7-x86_64-Full Installation DVD-1511.iso<br />(This is very fast, but is only accessible from within Seneca's network - you can't access this from home. You can burn this disc on the machines in the Open Lab.)<br />#* '''Centos mirror list One Solid State Drive (available from any Internet connectionSSD), mininmum capacity:''' https://www.centos.org/download/mirrors/ 240 GB (version: '''7USB 3.2.1511'''0)<br />#Insert your HDD into the docking bay of a PC in the lab and boot the computer using your installation DVD. If possible try to use the same PC for this course for the rest of the semester. Some PCs may be configured with slight hardware variations from others which may cause problems when moving your HDD from one system to another. #Most modification It is now perform through strongly advised you dedicate a single summary screen. Use it to customize your installation following these guidelines:#*Set Date &amp; Time#*'''Turn on networking''' and use '''your Seneca ID''' as the '''hostname'''.#*Under software selection, choose '''Server with gui''', and ensure you enable the software package '''KDE''' (located on the right-hand-side).#*For installation destination, select your drive (not the one internal to the PC), and select the option to manually configure partitioning.#**Delete any old partitions.#**Click the link to '''create partitions automatically''' (for this will give a typical layout with /, /boot, /boot/efi, /home, etc).#**Free up space by shrinking the '''/home''' partition. Since your machine will have far fewer users and more virtual machines than a typical installation, we will need that space elsewhere.#**Create a new logical volume for '''/var/lib/libvirt/images''' and give it the space made available by shrinking /home (You will need enough space for 6 virtual machines at 8GB each). You may wish to keep some extra space left unassigned in case you need some space later, but the majority of the space you will need will be for ''/var/lib/libvirt/images''.#**Make certain that the existing partitions have the file system type '''ext4''' (not xfs).#During the installation process you will also have the opportunity to create users.#*set the root password#*create a '''user account''' named with '''your Seneca ID'''#After completing the installation, remove the DVD and reboot from your HDDcourse only.

==INVESTIGATION 1: HOST INSTALLATION== === Installation instructions for CentOS 7 ===#Login as It may be advisable to obtain the <u>latest version</u> of the CentOS 7 Full Installation DVD since there may be improvements since the user last version from when you created took OPS235.<br><br># Download and open burn on a DVD a terminal windowcopy of the CentOS 7 installation DVD (64 bit edition) from the CentOS web site or the Belmont server. Then use <br>'''Note:'''suwe' to become root ll be using the 64 bit version of CentOS because all of our lab computers are equipped with Intel 64 bit mainboards and CPUs, and run any computer you bought in the last few years for yourself will be 64bit as well.<br><br>#* '''Seneca's mirror of CentOS:''yum update' commandhttps://mirror.senecacollege. Reboot after all updates have completedca/centos/7/isos/x86_64/CentOS-7-x86_64-DVD-2009. Now that your system iso <br>This is up to datevery fast, again login using your learnid and do but is only accessible from within Seneca's network - you can't access this from home. You can burn this disc on the machines in the following:Open Lab.)<br><br>#*Verify that your system date and time are correct'''Outside Seneca College link (available from any Internet connection):<br>''' https://mirror.netflash.net/centos/7.9. If not then set the correct system date and time2009/isos/x86_64/CentOS-7-x86_64-DVD-2009.iso<br /><br>#*Verify that You need to refer to your OPS235 notes in order to install your network host machine.<br>Here is functioninga direct link:<br> [https://wiki.cdot.senecacollege.ca/wiki/OPS245_Lab_1 OPS245 - Lab1] <ol><li value=4>Customize your installation following these guidelines:<ul><li>'''Turn on networking''' and use '''host''' as the '''hostname'''.#**If <li>Under software selection, choose '''Gnome desktop'''.<li>The partition setup is similar to what you do not have an ip address, edit had in OPS235:<ul><li>Delete any old partitions.<li>Select the line in hard disk and indicate "I will configure partitions" and click done.<li>Click the file link to '''create them (partitions) automatically'''(this will give a typical layout with /, /boot, /boot/efi, /home, etc).<li>Free up at least '''100GB''' of disk space by shrinking the '''/sysconfighome''' partition (At least '''40 GB''' for root (/network-scripts) and '''40GB''' for /home). Since your machine will have far fewer users and more virtual machines than a typical installation, we will need that space elsewhere.<li>Create a new logical volume for '''/var/lib/libvirt/ifcfg-eth0images''' and give it the space made available by shrinking /home (note this You will need enough space for up to 10 virtual machines at 8GB each plus room to compress/extract images).<li>Make certain that the existing partitions '''except swap, /boot and /boot/efi''' have the file name may differ between machinessystem type '''ext4''' (not xfs). onboot=no</ul></ul><li>After the installation starts you will also have the opportunity to create users.<ul>should be:<li>Set the root password <li>Create a '''user account'''named with ''onboot=yes'your MySeneca ID'''</ul></ol><br> === First boot === # In the current version of CentOS the first time you boot your system a graphical licence prompt comes up.<br><br><ol><li value="2">Log in and check that you have access to the internet. If you had don't - you need to get the network interface to change that, reboot come up on boot. Edit the appropriate config file and configure your machine before continuingmain network interface to come up at boot.</li><ol type="a"ul><li>Run and record the output of You can then use the '''df -hTifup''' command.</li><li>Run and record the output of the '''cat /etc/fstabifdown''' commandcommands to reset your network configuration or you can just reboot.</li></ul></li><li>Run and record Make certain that '''SELinux''' is '''enforcing''' for security reasons (this should be the output of default). To make it ''enforcing'', simply edit the '''cat /etc/issueselinux/config'''file and follow the instructions inside. {{Admon/important |SELinux in Andrew' commands sections|If you're in one of Andrew's sections - please disable SELinux (i.e. do the opposite of the bullet above). This will give you some extra freedom in the rest of the course to learn and experiment without being bogged down by inexplicable permission denied errors.}}</li><li>Run and record the output of Install all updates using the '''uname -ayum update''' command.</li></ol></li></olbr>

The most recent variants of Centos and Fedora are using a service called '''firewalld''' that replaces is intended to replace '''iptables''', however the ''iptables'' service is still in relatively common usage. In this course we will keep running concentrate on ''iptables on the host machine, and gain experience with the new service on the virtual machines''.#install and enable iptables<ol><li>Disable firewalld:<source> yum install iptables-servicessystemctl disable firewalld systemctl enable iptablesstop firewalld</source></ol><ol><li value="2">disable firewalld by issuing Install and enable the commandIPTables services:<brsource>yum install iptables-servicessystemctl enable iptablessystemctl start iptables</lisource></ol>At this point you have a basic Centos system installed and updated. systemctl disable firewalldThis will serve as a host for the virtual machines where you will do the majority of the work in this course. All the rest of our labs will assume you have this basic system running. If, for any reason, your system becomes corrupted during the semester, you'll have to redo this lab to be able to continue with the remaining uncompleted labs. You are responsible for YOUR system. If you do not perform back-ups you have taken this risk on yourself. Poor planning on your part does not constitute an emergency for anyone else.

<ol><li value="3">Note that the machine will not switch over to using iptables until you reboot'''Record steps, but you will be doing that shortlycommands, so there is no need to do so right now.</li></ol>and your observations in INVESTIGATION 1 in your OPS235 lab log-book'''

==INVESTIGATION 2: VIRTUAL MACHINE INSTALLATION== ===Configuring a Linux GatewayVM host===At this point you have a basic Centos system installed and updated. This # You will serve need to install some software to allow your machine to act as a host for virtual machines. We'll be using the same '''libvirt''' and '''virt-manager''' you used in [https://wiki.cdot.senecacollege.ca/wiki/OPS235_Lab_2 OPS235 - Lab2].<br>You may find it helpful to refer back to the '''OPS235 notes''' to perform the following operations:#* Install the required virtualization software#* Start and enable the virtualization service#* Reboot your host machine<br><br># Start the graphical virtual machines machine manager (''virt-manager''). Do this as you regular user, and don't run virt-manager from a terminal where you're logged in as root.# We will be creating our own virtual network. A default virtual network has been created for you, but you will do the majority of the work be using a <u>custom</u> one in this course. All #* Right click '''localhost (QEMU)''' and select '''Details'''.#* Click on the '''Virtual Networks''' tab.#* Stop and delete the '''default''' network.#* Use the '''plus sign''' to add a new virtual network using the following options:#:* Name your virtual network '''ops235'''#:* Use the '''last two digits of your student number for the rest third octet of our labs network IP address''' (for example, if your student number is 000-000-0<b>90</b>, the network address would be 192.168.<b>90</b>.0/24.#:* Ensure the DHCP range will assume allow you have this basic system runningto assign '''at least 10 static IP addresses outside it''' (note: leave the low numbers available for static addresses).#:* Choose '''Forwarding to physical network''' radio button, '''Destination: Any physical device''' and '''Mode: NAT'''#:* Ensure the network is '''started at boot'''. If <br> === VM Installation=== With the virtualization software installed and your personal network created, for any reasonyou are now ready to create your first virtual machine.First, It is a good idea to make certain that your host machine has been set up correctly prior to creating your first virtual machine: #Open a separate terminal and issue the '''ip address show''' command on your host machine to know your physical network and your system becomes corrupted during virtual network. Note this information for the next few steps.#Issue the semester, youfollowing command to download Bash shell script to check your host machine'll have s set-up prior to redo proceeding with this lab :<br>'''wget http://ict.senecacollege.ca/~andrew.smith/ops335/labcheck_install.sh'''<br>#Assign execute permissions, and run the script to be able check your work:<br> '''labcheck_install.sh'''<ol><li value="4">Use the information from the '''ip address show''' command to continue with correctly specify the '''physical network interface''' and the remaining uncompleted labs'''virtual network interface'''. </li></ol> '''NOTE:''' You are responsible will need an ISO file for YOUR systemCentOS 7 (the same one you burned your DVD from). If you do not perform back-ups you have taken It is recommended to use the command to download this risk on yourselfimage onto your host machine. Poor planning In this way, you can keep it on your part does not constitute an emergency host machine for anyone else.the remainder of this course in case you need it:

#You will need to install some software to allow your machine to act as a host for virtual machines'''wget http://mirror.csclub.uwaterloo. Issue the following command: yum install virt-manager libvirt<ol><li value="2">Start and enable the virtualization service:<ca/centos/7/isos/li><x86_64/ol> systemctl start libvirtd systemctl enable libvirtdCentOS-7-x86_64-DVD-2009.iso'''

<ol><li value="3">Reboot your machine. If you do not, you will not be able to install any virtual machines.</li><li>Start Perform the graphical virtual machine manager<ul><li>You will need following steps to enter create your root password.</li></ul><li>Create first VM on your own virtual network. A default virtual network has been created for you, but you will be using a custom one in this course.</li><ul type="a"><li>Right click 'localhost (QEMU)' and select 'Details'. Click on the 'Virtual Networks' tab.</li><li>Stop and delete the 'default' network.</li><li>Run, and record the output of the following commandMachine Manager application: iptables -t nat -L</li><li>Use the plus sign to add a new virtual network using the following options.</li></ol>

::* Select the correct ''location / Time Zone'Record '.::* For Software Selection: Accept the default '''minimum install'''. None of your observations VMs in Part A in your OPS335 lab log-bookthis course will have a GUI since GUIs needlessly consume resources and image space. <ol><li>Click '''Installation Destination''', and then click '''Done''' to confirm that an '''automatic install''' will be performed.</li><li>Click Network & Hostname and set hostname to: '''vm1.localdomain''' and make certain the ''Ethernet connection'' is set to '''ON'''.</li><li>During installation you will be prompted to set the ''root password'' and an '''initial user account'''. For the ''initial user'', enter the same information you entered on your host machine.</li></ol>

*#You will notice that the server installation defaults to a command-line interface. This is normal, and we will only be using this interface during this course.*#Ensure your machine has a network connection by running the command host cbc'''ssh your_seneca_id@matrix.senecacollege.ca'''<ol><li value="3">If that did not work- make sure GlobalProtect VPN is installed on your Windows/Mac and connected. If it is, edit the line in ensure your CentOS network interface is started automatically on boot.</etcli></sysconfigol>{{Admon/tip|Default for networkconfig for onboot|If you've turned on your networking interface during installation -scriptsit will be turned on by default. If you've left the network interface off during the installation - it will be off by default.}}<ol><li value="4">Once you have a working connection - update your machine.</li></ifcfg-eth0ol> onboot=no'''yum update'''should be<ol> onboot<li value=yes"5">Install the '''bind-utils''' package. The commands it provides (e.g. nslookup) will be useful in troubleshooting your network connection.</li>*If <li>You may also want to install the '''nmap''', '''telnet''' and '''net-tools''' packages to help you had to change thattroubleshoot connectivity issues.</li><li>Configure '''firewalld, reboot your iptables''' and (if required) '''SELinux''' the same way you did for the host.</li><li>Reboot the virtual machineonce it is updated.</li></ol>

*Once ===Cloning a Virtual Machine===<ol><li> Now that you have a one virtual machine working connection update , you will create two more. If you struggled with the previous steps, repeat them to create two more virtual machines.</li><li>'''If you are confident with what you have done so far, you may clone your existing machine (this may take to create the others by performing the following steps:'''</li><li><ol type="a while)."> yum update*Reboot the <li>Make certain that your '''vm1''' virtual machine once it is updatedshutdown.</li>*If <li>For your virtual '''vm1''' machine hangs on boot, you will need go to change a graphics option:the details section and remove the <u>device</u> '''Channel qemu-ga'''.</li>**While <li>In the VM is offvirtual machine manager, '''right click ''' on 'View' (from the menu at the top of the VM window), vm1'' and select 'Details''Clone...'''.</li> <li>Set the Name to be: '''vm2'''</li></ol></li>**From <li>Once successfully created, boot the new VM and correct the menu on host name. This can be done using the left side, select 'Display''hostnamectl''' command-line tool.</li>**Change <li>Record in your notes the steps for cloning a vm.</li><li>Use the drop-down list host command to check for Type from connectivity</li><li>After creating '''vm2'VNC' ' repeat the above steps to create '''vm3''' and correct the hostname ('''vm2.localdomain''Spice', and click apply'''vm3.localdomain''' respectively).</li></ol> **Switch {{Admon/important |Backup your VMs!|You MUST backup ALL of your VMs whenever you complete your '''OPS335 labs''' or when working on your '''OPS335 assignments''':<br>[ [https://wiki.cdot.senecacollege.ca/wiki/OPS235_Lab_2_-_CentOS7_-_HD2#Part_1:_Backing_Up_Virtual_Machines Backing up Your Virtual Machines] ]. Refer to OPS235 lab2 notes on how to backup your VMs. You should backup your VMs to a USB key in case something happens to your host machine. Note: VM files contained in the '''/var/lib/libvirt/images''' directory have the view back extension in '''.qcow2''' and instead of '''.img''' (eg. for OPS235 courses prior to Fall 2016.}}  ''Console' Record steps, commands, and start the your observations in INVESTIGATION 2 in your OPS335 lab log-book''' ==COMPLETING THE LAB ==Upon completion of this lab you should have 4 installed machines. One machine againrunning Centos 7 and acting as a host and gateway for three virtual machines running minimal installations of Centos 7.*Now run Each machine must be fully updated and have access to the following commands network (for example, to get further updates) and note be able ping the outputothers. Note how they differ from Each machine must be using iptables for the firewall. ===Online Submission=== Follow the Centos installation instructions for lab 0 on your hostblackboard. df <!-hT-===Andrew's sections===  cat /etc/fstabYou may choose to:* Submit screenshots of your work on Blackboard, in which case you don't need to come to the lab.* Or come to the lab, show me your work, and talk to me about it. I want to hear what you've learned and answer any questions you have. cat /etc/issue uname -aYou'll get the same grade regardless of how you choose to submit your work.

Expected results of this lab are: ::<span style===Cloning a Virtual "color:green;font-size:1.5em;">&#x2713;</span> Host Machineinstalled::<span style===*Now that you have one virtual machine working, you will create two more"color:green;font-size:1. If you struggled with the previous steps, repeat them to create two more 5em;">&#x2713;</span> 3 virtual machines (naming them f22installed::<span style="color:green;font-vm2 and f22-vm3, with hostnames vm2size:1.localdomain 5em;">&#x2713;</span> Each machine (host and vm3.localdomain respectivelyVM).*If you are confident with what you have done so far, you may clone your existing machine has access to create the others.network**To quickly create additional VM's shutdown 'f22::<span style="color:green;font-vm1', right click and select 'Clone...'size:1.5em;">&#x2713;</span> Lab logbook completed***Set the Name to be: f22:<span style="color:green;font-vm2**Once successfully created, boot the new VM and correct the host namesize:1. This can be done using 5em;">&#x2713;</span> Run the hostnamectl command-line tool'''labcheck_install. ***Record in sh''' shell script on your notes how each is done.**Use the host command to check for connectivitymachine**After creating f22-vm2 repeat the above steps to create f22-vm3 and correct the host name.>

== Completing the Lab EXPLORATION QUESTIONS==Upon completion of this lab you should have 4 installed machines. One machine running Centos 7 and acting as a host and gateway for three virtual machines running Fedora 22 Server. Each machine must have access to the network (for example, to get updates) and be able ping the others.

#What file was edited to change the host name on your VM's?#Explain Are there other ways to change the iptables rules displayed when you ran the command 'iptables -t nat -L'. How did they change after creating your personal network.hostname?