VAPP Creation LBL relese 9 from scratch

Compatibility Matrix of Operating System Modules and Services

VAPPs are arranged with the services necessary for the operation of the system Oplon nevertheless you can install other features to the base operating system previously verified the coexistence of the modules with the services provided by the platform Oplon.

Creating a Virtual Appliance from a Linux image

In many cases it is more convenient to create a Virtual Appliance directly from operating system images provided by cloud provider. This allows you to use Virtual Appliance certified and tested in the environment in which you will find to operate accompanied in most cases also of the Apis that serve to make the Virtual Appliance a tool perfectly integrated.

The creation of a Virtual Appliance in an already installed operating system is very simple and requires very few steps to have a VAPP Oplon perfectly integrated.

The installation can be carried out both online, if the Virtual Appliance has Internet connectivity, both offline, if the Virtual Appliance has no Internet connectivity. The installation of the Virtual Appliance provides to perform certain operations to prepare the setup that will be fully guided.

Supported operating systems for the ADC system are:

  • CentOS Linux 7

  • CentOS Linux 8

  • Linux Ubuntu 14.04 or higher

  1. Create the directory support

    # mkdir/share
    # Chmod 777 /share
    
  2. Creating user administrator

    # groupadd administrator
    # useradd -m -g administrator administrator
    
  3. Enabling user administrator to run sudo

    vi /etc/sudoers
    ##Allow root to run any commands anywhere
    root ALL(ALL) ALL
    administrator ALL(ALL) ALL
    
  4. Change hostname Adaptation of host name (the name is at the discretion)

    #Hostname OPLONR09
    
  5. Add the host name in: (name is at the discretion)

    # vi /etc/hosts
    127.0.1.1  OPLONR09 OPLONR09.localdomain
    
  6. Add the host name in: (name is at the discretion)

    # vi /etc/hostname
    OPLONR09
    
  7. Disable If Linux Getenforce test if enforce enabled

    # vi /etc/selinux/config
    
    # This file controls the state of SELinux on the system.
    # SELINUX= can take one of these three values:
    # enforcing - SELinux security policy is enforced.
    # permissive - SELinux prints warnings instead of enforcing.
    # disabled - No SELinux policy is loaded.
    SELINUX=disabled
    # SELINUXTYPE= can take one of three two values:
    # targeted - Targeted processes are protected,
    # minimum - Modification of targeted policy. Only selected processes are protected.
    # mls - Multi Level Security protection.
    # SELINUXTYPE=targeted
    
  8. Stop the firewall and disable

    # systemctl stop firewalld
    # systemctl disable firewalld
    or
    # ufw disable
    
  9. Verification of not being able to access by root via ssh

    # vi /etc/ssh/sshd_config
    #LoginGranceTime 2m
    PermitRootLogin no
    #StrictMode yes
    #MaxAuthTries 6
    #MaxSessions 10
    
  10. Restart the ssh service

    # systemctl restart sshd.service
    
  11. Installation of packages needed (dnf versions CentOS 8,Yum CentOS 7) (dnf versioni CentOS 8, yum CentOS 7)

    ```
    # dnf -y update
    # dnf -y install yum-utils
    # dnf -y install unzip
    # dnf -y install wget
    # dnf -y install rsync
    # dnf -y install bzip2
    # dnf -y install tar
    
       
        Ubuntu:
        ```
        # apt-get update
        # apt-get -y install unzip
        # apt-get -y install wget
        # apt-get -y install rsync
        # apt-get -y install bzip2
        # apt-get -y install tar
        ```
    
  12. Verification of active listeners

For safety reasons make sure there are no processes with active listeners on addresses publicly exposed or 0.0.0.0

Install Virtual Appliance from the Internet

To install the Virtual Appliance from the Internet it is sufficient to perform the following actions:

  1. By root go in /share

    # cd /share
    
  2. Download installation script script

    # wget  --no-cache --no-check-certified -n "https://www.oplon.net/LBL_INSTALL_LASTUPDATE.sh"
    
  1. Start installation script

    # bash LBL_INSTALL_LASTUPDATE.sh
    ....
    ....
    Login: your_login_oplon
    Password: your_PASSWORD_oplon
    

    Performs the download packages...

  2. If update you will see this message, if the new installation will not required Please consider a backup before performing any update! (this message only if it is an update)

    Do you wish to backup TCOProject files (yes/no/y/n)?
    
  1. If installation is done in Italy respond yes or y

    Are you an eligible country to use the JCE Stength Unlimited
    Jurisdiction (yes/no/y/n)? y
    
  1. Update the operating system and loading of packages from the Internet (Answer yes the first time why installs packages useful to Oplon)

    Do you wish to update Operating System (yes/no/y/n)?
    
  2. At the end of the procedure the setup screen appears on the appliance: image1

First login from Oplon Global Distributed Gateway

From the console it is possible to check the current configuration and DHCP address associated through normal Linux commands (ip addr).

image2

The system Oplon Monitor and Oplon Global Distributed Gateways are by default set up to accept connections from all networks.

image3

It is therefore sufficient to, check with the command "ip addr" an available address and log in from Oplon Management Console, LBL Web Console or from Oplon Global Distributed Gateway on the specified address es.:

To access the services Oplon Global Distributed Gateway type:

https://x.x.x.x:4444

(Where x.x.x.x is any address of the system if you have not changed the address 0.0.0.0 or the address you have chosen with lblsetup).

(Where x.x.x.x is any address of the system if you have not changed the address 0.0.0.0 or the address you have chosen with lblsetup).

image4

If not modified in phase of setup

login: root

image5