This is an old revision of the document!
The ADUCID Server Kit DVD contains VMware virtual machine (hardware version 11) installed in the same way, as is described in following sections, starting from Operating system install.
You need to do only this:
First check what you got from your cloud provider and uninstall unwanted components. Graphical interface and development components should not be present.
Go through all the following sections. (You will need the ADUCID Server Kit DVD, too.)
Please use CentOS 7 Minimal Install DVD image. See e.g. ftp://ftp.cvut.cz/centos/7.5.1804/isos/x86_64/CentOS-7-x86_64-Minimal-1804.iso.
Set
[root@AIM-4 ~]# fdisk -l Disk /dev/sda: 25.8 GB, 25769803776 bytes, 50331648 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk label type: dos Disk identifier: 0x000ac63e Device Boot Start End Blocks Id System /dev/sda1 * 2048 2099199 1048576 83 Linux /dev/sda2 2099200 50298879 24099840 8e Linux LVM Disk /dev/mapper/centos-root: 19.3 GB, 19327352832 bytes, 37748736 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk /dev/mapper/centos-swap: 5343 MB, 5343543296 bytes, 10436608 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes
Base environment
SSH keys
ssh-keygen -t rsa
yum settings and OS update
vi /etc/yum.conf # proxy=http://yourproxy.domain.com:3128 # http_proxy=http://yourproxy.domain.com:3128 # https_proxy=http://yourproxy.domain.com:3128 yum update
Useful utilities
yum install wget mc net-tools
Time synchronization
yum install ntp # add suitable NTP server vi /etc/ntp.conf echo '30 * * * * root /usr/sbin/ntpd -q -u ntp:ntp' > /etc/cron.d/ntpd
VMware tools, if needed
yum install open-vm-tools systemctl start vmtoolsd.service systemctl enable vmtoolsd.service
Replace firewalld with iptables
yum install iptables-services vi /etc/sysconfig/iptables # Firewall configuration written by system-config-firewall # Manual customization of this file is not recommended. *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state –state ESTABLISHED,RELATED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -p tcp –dport 22 -m state –state NEW -m recent –set –name ssh –rsource -A INPUT -p tcp –dport 22 -m state –state NEW -m recent ! –rcheck –seconds 60 –hitcount 4 –name ssh –rsource -j ACCEPT -A INPUT -p tcp -m state –state NEW -m tcp –dport 80 -j ACCEPT -A INPUT -p tcp -m state –state NEW -m tcp –dport 8080 -j ACCEPT -A INPUT -p tcp -m state –state NEW -m tcp –dport 8081 -j ACCEPT -A INPUT -p tcp -m state –state NEW -m tcp –dport 8086 -j ACCEPT -A INPUT -p tcp -m state –state NEW -m tcp –dport 443 -j ACCEPT -A INPUT -p tcp -m state –state NEW -m tcp –dport 61616 -j ACCEPT -A INPUT -p udp –match multiport –dports 8000:8999 -j ACCEPT -A INPUT -p tcp -m state –state NEW -m tcp –dport 161 -j ACCEPT -A INPUT -p udp -m state –state NEW -m udp –dport 161 -j ACCEPT -A INPUT -j REJECT –reject-with icmp-host-prohibited -A FORWARD -j REJECT –reject-with icmp-host-prohibited COMMIT # systemctl stop firewalld.service # systemctl disable firewalld.service # systemctl enable iptables.service # systemctl start iptables.service
selinux
# TBD # setsebool -P httpd_can_network_connect on vi /etc/sysconfig/selinux SELINUX=permissive init 6