Create a CentOS Staging Server
The CentOS VM will become the staging area for the docker container.
VirtualBox NatNetwork created (all hosts on it).
- A webserver running on the NatNetwork that can host the kickstart file.
- Alternate - you can add an additional host-only adapter and serve the kickstart file from the host machine. See the “Workstation Build Process” Document and the section about the Virtual Machine
- Configure a NAT Network on the host OS
VBoxManage natnetwork add --netname natnet1 --network "192.168.7.0/24" --enable
References & Additional Information
- Basic Guide
- Kickstarter Password handling
python -c 'import crypt,getpass; print(crypt.crypt(getpass.getpass(), "$6$4egcSVDxHKCc1tpG"))'
- Download the minimal CentOS install from http://isoredirect.centos.org/centos/7/isos/x86_64/CentOS-7-x86_64-Minimal-1804.iso
- Create a new machine in VirtualBox (button in upper left)
- Name the image centos_staging
- Set ram to 2048 MB
- Create virtual hard disk - VDI - Dynamically allocated - 20G
Configure 2 network adapters on the base image.
Note: This two-adapter configuration may need revisiting. NAT will allow internet, but isolates client devices. NAT Network allows devices on the same network to talk, and to talk to the host, but not to the internet. Additional Reference
- Select downloaded CentOS image file
On the temporary server hosting the kickstart file…
Run these shell commands on the server that will host the kickstart file
cd ~
mkdir proj
cd proj
git clone https://github.com/wbmartin/container_toolbox
cd container_toolbox
ifconfig # get the IP
ls 010* # to get the filenames; kickstart should be 010-CentOS7-cis.ks
On the new CentOS VM…
- Power on the virtual machine, press Tab at the boot menu, and replace the ks value with http://[IP]/010-CentOS7-cis.ks, as in the screenshot below. The whole line should look like:
vmlinuz initrd=initrd.img ks=http://192.168.57.1:11111/010-StageServer-CentOS7-cis.ks
Expect: Everything should install, VM should be ~ 7G on disk.
Tip: You may have trouble connecting to the internet at this point. The problem seems to be in the NAT network created; using a simple NAT network immediately may let the machine get through the gateway.
- Run these shell commands as root on the VM that will create the docker image (staging server)
yum update -y
yum install git -y
cd /opt
git clone https://github.com/wbmartin/confighub
git clone https://github.com/wbmartin/project-base
./project-base/stagebin/055-StageServer-CentOS-PostInstall.sh # install packages and configure env.
systemctl start docker # launch docker
systemctl enable docker # launch docker on startup
Expect: reboot; git installed; container toolbox available; docker running and will
- On startup, edit /etc/hosts.allow to permit the host-only adapter to SSH:
vi /etc/hosts.allow # add the following line
sshd : 192.168.57.1
- Edit the SSH config to allow extended sessions. Note: this should only be extended for protected dev servers.
vi /etc/ssh/sshd_config # update the following value
ClientAliveInterval 3000
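The script below is an added example, not part of the original guide or the author's repositories: it audits the hosts.allow and sshd_config edits from the last two steps, including whether a default deny exists so that the hosts.allow line actually restricts access. It assumes sshd is built with TCP wrappers support (as on CentOS 7); the function names are hypothetical and the sample files are constructed.

```shell
#!/bin/sh
# Added example: audit the SSH access settings edited in the last two steps.
# File paths are arguments so the checks can run against copies.

# Print "allow" if the file grants sshd to client IP $2, else "none".
# Handles only the simple "daemon : client" form used in this guide.
sshd_allowed_for() {  # $1 = hosts.allow path, $2 = client IP
    awk -F: -v ip="$2" '
        /^[ \t]*#/ { next }
        { d = $1; gsub(/[ \t]/, "", d) }
        d == "sshd" || d == "ALL" {
            n = split($2, a, /[ \t,]+/)
            for (i = 1; i <= n; i++) if (a[i] == ip || a[i] == "ALL") ok = 1
        }
        END { print (ok ? "allow" : "none") }' "$1"
}

# Succeed if hosts.deny has a catch-all rule. TCP wrappers grant access when
# neither file matches, so without this the hosts.allow line restricts nothing.
has_default_deny() {  # $1 = hosts.deny path
    grep -Eq '^[[:space:]]*(ALL|sshd)[[:space:]]*:[[:space:]]*ALL([[:space:]]|$)' "$1"
}

# Print the first ClientAliveInterval in sshd_config (sshd uses the first
# value it reads; 0 is the built-in default). Match blocks are not handled.
client_alive_interval() {  # $1 = sshd_config path
    awk 'tolower($1) == "clientaliveinterval" { print $2; f = 1; exit }
         END { if (!f) print 0 }' "$1"
}

audit_ssh_access() {  # $1 hosts.allow  $2 hosts.deny  $3 sshd_config  $4 IP
    rc=0
    [ "$(sshd_allowed_for "$1" "$4")" = allow ] ||
        { echo "FAIL: sshd not allowed for $4"; rc=1; }
    has_default_deny "$2" ||
        { echo "FAIL: no default deny; other hosts can still reach sshd"; rc=1; }
    echo "INFO: ClientAliveInterval=$(client_alive_interval "$3")"
    return "$rc"
}

# Constructed sample files mirroring the edits above (not real system files).
d=$(mktemp -d)
printf 'sshd : 192.168.57.1\n' > "$d/hosts.allow"
printf 'ALL: ALL\n' > "$d/hosts.deny"
printf '#ClientAliveInterval 0\nClientAliveInterval 3000\n' > "$d/sshd_config"
audit_ssh_access "$d/hosts.allow" "$d/hosts.deny" "$d/sshd_config" 192.168.57.1
rm -rf "$d"
```

On the staging server, pass /etc/hosts.allow, /etc/hosts.deny, /etc/ssh/sshd_config and the host-only adapter address as the four arguments.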