1.
|
Login to RMS2 from RMS1
|
Login using the admusr account and the private key generated
when the OS Install was completed on RMS2. Sudo to root after logging in.
$ ssh -i /var/occne/rainbow.lab.us.oracle.com/.ssh/occne_id_rsa admusr@172.16.3.5
$ sudo su -
|
2.
|
Install Necessary RPMs
|
Install the following files from the ISO USB onto RMS2.
$ yum install qemu-kvm libvirt libvirt-python libguestfs-tools virt-install -y
|
3.
|
Configure the Kickstart file
|
The initial setup includes steps to configure the kickstart
file and create the bridge necessary for the VM to network to the system hosts.
- Mount the Utility
USB.
Note: Instructions for
mounting a USB in Linux are at:
OCCNE Installation of Oracle Linux 7.5 on Bootstrap Host : Install Additional
Packages. Only follow steps 1-4 to mount the USB.
- Copy the kickstart
file from the Utility USB to the
/tmp directory as
bastion_host.ks on
RMS2.
Note: The
/tmp location is highly
volatile and may be cleaned out on reboot. It is strongly recommended to put
this somewhere else for safe keeping. It can always be downloaded again.
$ cp /media/usb/bastion_host.ks /tmp/bastion_host.ks
- Update the
kickstart file using the following commands to set the following file
variables:
BASTION_VLAN2_IP
BASTION_VLAN3_IP
BASTION_VLAN4_IP
BASTION_VLAN4_MASK
GATEWAYIP
NODEHOSTNAME
NTPSERVERIPS
NAMESERVERIPS
HTTP_PROXY
-
PUBLIC_KEY
Note:
HTTP_PROXY in the
commands below require only the URL as the
http:// is provided in
the sed command. If a proxy is not needed this variable still must be set to
something as it cannot be left blank. In that case just set it to an unused IP
address.
$ sed -i 's/GATEWAYIP/<gateway_ip>/g' /tmp/bastion_host.ks
$ sed -i 's/BASTION_VLAN2_IP/<bastion_vlan2_ip>/g' /tmp/bastion_host.ks
$ sed -i 's/BASTION_VLAN3_IP/<bastion_vlan3_ip>/g' /tmp/bastion_host.ks
$ sed -i 's/BASTION_VLAN4_IP/<bastion_vlan4_ip>/g' /tmp/bastion_host.ks
$ sed -i 's/BASTION_VLAN4_MASK/<bastion_vlan4_mask>/g' /tmp/bastion_host.ks
$ sed -i 's/NODEHOSTNAME/<node_host_name>/g' /tmp/bastion_host.ks
$ sed -i 's/NAMESERVERIPS/<nameserver_ip>/g' /tmp/bastion_host.ks
$ sed -i 's/NTPSERVERIPS/<ToRswitch_Platform_VIP>/g' /tmp/bastion_host.ks
$ sed -i 's/HTTP_PROXY/http:\/\/<http_proxy>/g' /tmp/bastion_host.ks
$ sed -e '/PUBLIC_KEY/{' -e 'r /home/admusr/.ssh/authorized_keys' -e 'd' -e '}' -i /tmp/bastion_host.ks
|
4.
|
Configure Networking
|
The networking required to interface with the Bastion Host is
all handled by executing the following command set:
$ sudo su
$ cd /etc/sysconfig/network-scripts/
$ sed -i '/IPADDR/d' ifcfg-team0
$ sed -i '/PREFIX/d' ifcfg-team0
$ sed -i '/GATEWAY/d' ifcfg-team0
$ sed -i '/DEFROUTE="yes"/d' ifcfg-team0
$ echo "BRIDGE=teambr0" >> ifcfg-team0
$ cp /tmp/ifcfg-bridge ifcfg-teambr0
$ sed -i 's/{BRIDGE_NAME}/teambr0/g' ifcfg-teambr0
$ sed -i 's/{IP_ADDR}/172.16.3.5/g' ifcfg-teambr0
$ sed -i 's/{PREFIX_LEN}/24/g' ifcfg-teambr0
$ sed -i '/NM_CONTROLLED/d' ifcfg-teambr0
$ cp /tmp/ifcfg-vlan ifcfg-team0.2
$ sed -i 's/{BRIDGE_NAME}/vlan2-br/g' ifcfg-team0.2
$ sed -i 's/{PHY_DEV}/team0/g' ifcfg-team0.2
$ sed -i 's/{VLAN_ID}/2/g' ifcfg-team0.2
$ sed -i 's/{IF_NAME}/team0.2/g' ifcfg-team0.2
$ echo "BRIDGE=vlan2-br" >> ifcfg-team0.2
$ cp /tmp/ifcfg-bridge ifcfg-vlan2-br
$ sed -i 's/{BRIDGE_NAME}/vlan2-br/g' ifcfg-vlan2-br
$ sed -i 's/{IP_ADDR}/192.168.20.12/g' ifcfg-vlan2-br
$ sed -i 's/{PREFIX_LEN}/24/g' ifcfg-vlan2-br
$ service network restart
|
5.
|
Copy and Mount the Oracle Linux ISO
|
-
Create the
/var/occne directory on
RMS2 if not already existing.
$ mkdir /var/occne
- Verify the OL7
iso file is available from the previous procedure:
OCCNE Install Host OS onto RMS2 from the Installer Bootstrap Host - RMS1
in the
/var/occne directory.
From RMS2, SCP the Oracle Linux ISO from RMS1 into the
/var/occne directory on
RMS2 and verify the permissions are set to 0644. The file should be in the
/var/occne directory on
RMS1. If the file is not on RMS1 it must be downloaded from the customer
specific site where the OL is maintained onto RMS2.
Note: The example below uses
OracleLinux-7.5-x86_64-disc1.iso .
If the user copies this ISO from their laptop then they must use an application
like WinSCP pointing to the Management Interface IP.
$ scp root@172.16.3.4:/var/occne/<iso_file_name>.iso /var/occne/.
$ chmod 644 /var/occne/<iso_file_name>.iso
|
6.
|
Update the
qemu.conf File
|
- Un-comment the
user and group fields in the
/etc/libvirt/qemu.conf
file on RMS2.
$ vim /etc/libvirt/qemu.conf
Update fields:
# Some examples of valid values are:
#
# user = "qemu" # A user named "qemu"
# user = "+0" # Super user (uid=0)
# user = "100" # A user named "100" or a user with uid=100
#
user = "root"
# The group for QEMU processes run by the system instance. It can be
# specified in a similar way to user.
group = "root"
- Restart the
libvirtd service RMS2.
Note: After the restart the
service should become enabled. If an error is displayed like the following, it
can be ignored for now. A bug story has been opened to address this in a later
release.
Jun 01 16:13:14
db-2.odyssey.morrisville.us.lab.oracle.com systemd [1]
: Starting Virtualization daemon... Jun 01 16:13:14
db-2.odyssey.morrisville.us.lab.oracle.com systemd [1]
: Started Virtualization daemon. Jun 01 16:13:15
db-2.odyssey.morrisville.us.lab.oracle.com dnsmasq
[39538] : read
/etc/hosts - 2
addresses Jun 01 16:13:15
db-2.odyssey.morrisville.us.lab.oracle.com dnsmasq
[39538] : failed to load names from
/var/lib/libvirt/dnsmasq/default.addnhosts :
P...enied Jun 01 16:13:15
db-2.odyssey.morrisville.us.lab.oracle.com dnsmasq
[39538] : cannot read
/var/lib/libvirt/dnsmasq/default.hostsfile :
Permission denied Hint: Some lines were ellipsized
$ systemctl daemon-reload
$ systemctl restart libvirtd
$ systemctl enable libvirtd
To Verify:
$ systemctl status libvirtd
|
7.
|
Create the Bastion Host VM
|
- Execute the
virt-install command on
RMS2.
$ virt-install --name bastion_host --memory 8192 --vcpus 2 --metadata description="Bastion Host" \
--autostart --location /var/occne/OracleLinux-7.5-x86_64-disc1.iso \
--initrd-inject=/tmp/bastion_host.ks --os-variant ol7.5 \
--extra-args "ks=file:/bastion_host.ks console=tty0 console=ttyS0,115200" \
--disk path=/var/lib/libvirt/images/bastion_host.qcow2,size=300 \
--network bridge=teambr0 --network bridge=vlan2-br --network bridge=vlan4-br
--graphics none
- After the VM
creation completes, the login prompt appears which allows the user to login to
the Bastion Host.
- To exit from the
virsh console press CTRL+ '5' keys, after logout from VM.
|
8.
|
Un-mount the Utility USB
|
Use the umount command to un-mount the Utility USB and
extract it from the USB port.
$ umount /media/usb
|