...
| 코드 블럭 |
|---|
|
INTERNET
External |
eno1|
+------------+------------+
| |
| HOST |
| +----------+|
| | RDP-VM ||
| |172.19.0.3||
| +----------+|
+------------+------------+
br0(eno2)|172.19.0.1
Internal |
|
Servers Servers
(IPMI,iDRAC,iKVM../172.19.0.X) |
Install
| 코드 블럭 |
|---|
| language | bash |
|---|
| theme | Emacs |
|---|
| linenumbers | true |
|---|
|
sudo yum -y install dnsmasq cockpit-machines httpd policycoreutils-python-utils
sudo systemctl restart cockpit.socket
sudo systemctl enable --now cockpit.socket
sudo systemctl enable --now dnsmasq
sudo systemctl enable --now httpd |
Change SSH Port (if needed)
Follow instructions on the below documents
보안 / SSH 포트 변경
Network Configs
Connect to Cockpit
...
| 코드 블럭 |
|---|
| language | bash |
|---|
| theme | Emacs |
|---|
| linenumbers | true |
|---|
|
sudo firewall-cmd --permanent --zone=public --add-service=cockpit
sudo firewall-cmd --permanent --zone=public --add-service=dhcp
sudo firewall-cmd --permanent --zone=public --add-service=dns
sudo firewall-cmd --permanent --zone=public --add-service=samba
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --permanent --zone=public --add-port=<YOUR_SSH_PORT>/tcp
sudo firewall-cmd --permanent --zone=public --add-port=<YOUR_RDP_PORT>/tcp
sudo firewall-cmd --reload |
...
Modify Network (to bridge)
Install Windows on VM
- How to skip the security questions during the Windows 10 Setup
- 설치할 때, 암호 찾기 질문(3개) 건너 뛰는 방법
Config on VM
...
- Disable automatic updates on Windows 10 permanently
- Enable Remote Desktop
- Install Chrome
- Install some programs you needed
- 윈도우 업데이트 끄기
- 원격데스크탑 설치
- 크롬 설치
- 기타 프로그램 설치
Connect to VM via Remote Desktop
...
| 코드 블럭 |
|---|
| language | bash |
|---|
| theme | Emacs |
|---|
| linenumbers | true |
|---|
|
sudo mkdir /ISOs
chmod 777 /ISOs
cd /ISOs
wget http://ftp.kaist.ac.kr/CentOS/8.2.2004/isos/x86_64/CentOS-8.2.2004-x86_64-minimal.iso
wget http://ftp.kaist.ac.kr/ubuntu-cd/20.10/ubuntu-20.10-desktop-amd64.iso
wget http://ftp.kaist.ac.kr/ubuntu-cd/20.10/ubuntu-20.10-live-server-amd64.iso
...
sudo chown -R nobody:nobody /ISOs
sudo chmod 644 /ISOs/*.iso
sudo chcon -t samba_share_t /ISOs
sudo semanage fcontext -a -t samba_share_t /ISOs
sudo setsebool -P samba_export_all_rw on |
Change configs
| 코드 블럭 |
|---|
| language | text |
|---|
| theme | Emacs |
|---|
| title | /etc/samba/smb.conf |
|---|
| linenumbers | true |
|---|
|
[global]
server min protocol = NT1
bind interfaces only = yes
interfaces = lo br0
workgroup = WORKGROUP
log level = 2
map to guest = Bad User
log file = /var/log/samba/log.%m
[ISOs]
path = /ISOs
public = yes
browsable = yes
read only = yes |
Change configs
| 코드 블럭 |
|---|
| language | text |
|---|
| theme | Emacs |
|---|
| title | /etc/samba/smb.conf |
|---|
| linenumbers | true |
|---|
|
sudo systemctl status smb |
Change configsCheck status
| 코드 블럭 |
|---|
| language | text |
|---|
| theme | Emacs |
|---|
| title | /etc/samba/smb.conf |
|---|
| linenumbers | true |
|---|
|
sudo systemctl status smb |
Mount ISO image on BMC (iDRAC, IPMI, ...)
관리 서버에서 ISO 이미지 마운트  Image Modified
| Check the logs on samba server to access the ISO file on via IPMI
삼바 서버 로그를 통해 IPMI에서 ISO 파일에 접근하였는지 확인 | 코드 블럭 |
|---|
| language | text |
|---|
| theme | Emacs |
|---|
| linenumbers | true |
|---|
| # tail -f /var/log/samba/log.172.19.0.15
...
[2020/11/04 13:39:45.950194, 2] ../../source3/smbd/open.c:1456(open_file)
...... opened file CentOS-8.2.2004-x86_64-minimal.iso read=Yes write=No (numopen=1)
|
|
Change Service Initiation Order
Add [After=network-online.target] on [dnsmasq.service] in [UNIT] section
| 코드 블럭 |
|---|
| language | text |
|---|
| theme | Emacs |
|---|
| title | /etc/systemd/system/multi-user.target.wants/dnsmasq.service |
|---|
| linenumbers | true |
|---|
|
[Unit]
Description=DNS caching server.
After=network.target
After=network-online.target
...
|
Add [After=dnsmasq.service] on [libvirtd.service] in [UNIT] section
| 코드 블럭 |
|---|
| language | text |
|---|
| theme | Emacs |
|---|
| title | /etc/systemd/system/multi-user.target.wants/libvirtd.service |
|---|
| linenumbers | true |
|---|
|
[Unit]
Description=Virtualization daemon
...
After=network.target
After=dnsmasq.service
|