Difference between revisions of "Helmet"
From CHG-Wiki
Jump to navigationJump to search (Added notes about firewall issues.) |
(Updated IPs and location information.) |
||
Line 1: | Line 1: | ||
− | [[User:Shrad | Shrad]]'s Fedora 19 VM. | + | [[User:Shrad | Shrad]]'s Fedora 19 VM. A new version of Helmet is forthcoming. |
==General Info== | ==General Info== | ||
{| class="wikitable" | {| class="wikitable" | ||
! System Name: | ! System Name: | ||
− | |align="right"|helmet. | + | |align="right"|helmet.chg.ucsb.edu |
|- | |- | ||
! IP: | ! IP: | ||
− | |align="right"|128.111.234.246 | + | |align="right"|128.111.236.136 <!--used to be 234.246--> |
|- | |- | ||
! Location: | ! Location: | ||
Line 35: | Line 35: | ||
==Notes== | ==Notes== | ||
+ | *On November 23rd, 2015, Helmet was moved along with [[zippy]] to the sixth floor ERI server room and its domain updated from geog.ucsb.edu to chg.ucsb.edu. | ||
*On October 7th, 2015 issues with Helmet's autofs and firewall were discovered. Helmet was restarted and autofs regained functionality, but due to the sustained vulnerability of the firewall and multiple failed logins it was decided (by [[Libby]] and [[Aaron]]) on October 14th, 2015 that it would be best if Helmet was completely redone. [[Shraddhanand | Shrad]] will review Helmet for any relevant configuration files and before it is taken down and redone. | *On October 7th, 2015 issues with Helmet's autofs and firewall were discovered. Helmet was restarted and autofs regained functionality, but due to the sustained vulnerability of the firewall and multiple failed logins it was decided (by [[Libby]] and [[Aaron]]) on October 14th, 2015 that it would be best if Helmet was completely redone. [[Shraddhanand | Shrad]] will review Helmet for any relevant configuration files and before it is taken down and redone. | ||
**Until new Helmet VM is done, I have added iptables functionality and disabled firewalld per the instructions on the [https://wiki.eri.ucsb.edu/sysadm/CentOS-7#iptables ERI wiki CentOS 7 page]. [[User:Libby|Libby]] 11:09, 15 October 2015 (PDT) | **Until new Helmet VM is done, I have added iptables functionality and disabled firewalld per the instructions on the [https://wiki.eri.ucsb.edu/sysadm/CentOS-7#iptables ERI wiki CentOS 7 page]. [[User:Libby|Libby]] 11:09, 15 October 2015 (PDT) |
Revision as of 15:12, 14 December 2015
Shrad's Fedora 19 VM. A new version of Helmet is forthcoming.
Contents
General Info
System Name: | helmet.chg.ucsb.edu |
---|---|
IP: | 128.111.236.136 |
Location: | zippy |
General Purpose: | Sandbox |
Creation Date: | 2013 |
System Configuration
- OS Type: Unix
- OS Version: Red Hat Fedora
- vCPUS: 10 allocated
Network
- MAC Address: 52:54:00:a0:a0:47 (generated)
Storage
- Memory: 20GB allocated
- Size: ~30GB allocated
Services
Sandbox VM.
Notes
- On November 23rd, 2015, Helmet was moved along with zippy to the sixth floor ERI server room and its domain updated from geog.ucsb.edu to chg.ucsb.edu.
- On October 7th, 2015 issues with Helmet's autofs and firewall were discovered. Helmet was restarted and autofs regained functionality, but due to the sustained vulnerability of the firewall and multiple failed logins it was decided (by Libby and Aaron) on October 14th, 2015 that it would be best if Helmet was completely redone. Shrad will review Helmet for any relevant configuration files and before it is taken down and redone.
- Until new Helmet VM is done, I have added iptables functionality and disabled firewalld per the instructions on the ERI wiki CentOS 7 page. Libby 11:09, 15 October 2015 (PDT)
#Added alias sc="systemctl" to root's .bash_profile #Short version, one line command: yum -y install iptables-services ; sc stop firewalld ; sc mask firewalld ; sc start iptables ; sc enable iptables ; sc disable firewalld
#Long Version systemctl stop firewalld # stop firewalld temporarily systemctl mask firewalld # not sure what mask does, but I assume its similar to disable yum install iptables-services # install iptables-services package systemctl enable iptables # Enable the service at boot-time
#Copy over any rules you want iptables to start with since no defaults are provided (copied from chg-ewx, minus web rules) systemctl start iptables # start iptables service iptables save # save iptables rules in /etc/sysconfig/iptables, overwriting current set
virsh dominfo
[root@zippy ~]# virsh dominfo helmet Id: 3 Name: helmet UUID: 87832ca0-6640-085f-e42e-359112b329c9 OS Type: hvm State: running CPU(s): 10 CPU time: 689625.1s Max memory: 20529152 KiB Used memory: 20529152 KiB Persistent: yes Autostart: enable Managed save: no Security model: selinux Security DOI: 0 Security label: system_u:system_r:svirt_t:s0:c448,c757 (enforcing)