Difference between revisions of "Helmet"

From CHG-Wiki
Jump to navigationJump to search
(Added notes about firewall issues.)
m
 
(6 intermediate revisions by the same user not shown)
Line 1: Line 1:
[[User:Shrad | Shrad]]'s Fedora 19 VM.
+
[[User:Shrad | Shrad]]'s Fedora development VM.  
  
 
==General Info==
 
==General Info==
 
{| class="wikitable"
 
{| class="wikitable"
 
! System Name:  
 
! System Name:  
|align="right"|helmet.geog.ucsb.edu
+
|align="right"|helmet.chg.ucsb.edu
 
|-
 
|-
 
! IP:  
 
! IP:  
|align="right"|128.111.234.246
+
|align="right"|128.111.236.136 <!--used to be 234.246-->
 
|-
 
|-
 
! Location:  
 
! Location:  
|align="right"| [[zippy]]
+
|align="right"| [[ubu]]
 
|-
 
|-
 
! General Purpose:  
 
! General Purpose:  
Line 16: Line 16:
 
|-
 
|-
 
! Creation Date:  
 
! Creation Date:  
|align="right"| 2013
+
|align="right"| January 13th, 2016
 
|}
 
|}
  
 
==System Configuration==
 
==System Configuration==
 
*OS Type: Unix
 
*OS Type: Unix
*OS Version: Red Hat Fedora
+
*OS Version: Red Hat Fedora (27)
 
*vCPUS: 10 allocated
 
*vCPUS: 10 allocated
  
 
===Network===
 
===Network===
*MAC Address: 52:54:00:a0:a0:47 (generated)
+
*MAC Address: 52:54:00:A0:A0:43 <!-- used to be 52:54:00:a0:a0:47 -->
  
 
===Storage===
 
===Storage===
 
*Memory: 20GB allocated
 
*Memory: 20GB allocated
*Size: ~30GB allocated
+
*Boot: 500MB allocated
 +
*Swap: 4GB allocated
 +
*Size: 30GB allocated
  
 
==Services==
 
==Services==
Sandbox VM.
+
Sandbox VM, largely used for python development.
  
 
==Notes==
 
==Notes==
 +
*Moved to [[ubu]] pending the rebuild of [[zippy]] in early August 2016.
 +
*Re-created on January 13th, 2016 using kvmutil with nographics option. GNIS'd.
 +
 +
===Notes for old Fedora 19 version===
 +
*On November 23rd, 2015, Helmet was moved along with [[zippy]] to the sixth floor ERI server room and its domain updated from geog.ucsb.edu to chg.ucsb.edu.
 
*On October 7th, 2015 issues with Helmet's autofs and firewall were discovered. Helmet was restarted and autofs regained functionality, but due to the sustained vulnerability of the firewall and multiple failed logins it was decided (by [[Libby]] and [[Aaron]]) on October 14th, 2015 that it would be best if Helmet was completely redone. [[Shraddhanand | Shrad]] will review Helmet for any relevant configuration files and before it is taken down and redone.
 
*On October 7th, 2015 issues with Helmet's autofs and firewall were discovered. Helmet was restarted and autofs regained functionality, but due to the sustained vulnerability of the firewall and multiple failed logins it was decided (by [[Libby]] and [[Aaron]]) on October 14th, 2015 that it would be best if Helmet was completely redone. [[Shraddhanand | Shrad]] will review Helmet for any relevant configuration files and before it is taken down and redone.
 
**Until new Helmet VM is done, I have added iptables functionality and disabled firewalld per the instructions on the [https://wiki.eri.ucsb.edu/sysadm/CentOS-7#iptables ERI wiki CentOS 7 page]. [[User:Libby|Libby]] 11:09, 15 October 2015 (PDT)
 
**Until new Helmet VM is done, I have added iptables functionality and disabled firewalld per the instructions on the [https://wiki.eri.ucsb.edu/sysadm/CentOS-7#iptables ERI wiki CentOS 7 page]. [[User:Libby|Libby]] 11:09, 15 October 2015 (PDT)
Line 54: Line 61:
 
==virsh dominfo==
 
==virsh dominfo==
 
<pre>
 
<pre>
[root@zippy ~]# virsh dominfo helmet
+
[root@ubu ~]$ virsh dominfo helmet
 
Id:            3
 
Id:            3
 
Name:          helmet
 
Name:          helmet
UUID:          87832ca0-6640-085f-e42e-359112b329c9
+
UUID:          00609bec-4220-49c4-63dc-fdcb76c85556
 
OS Type:        hvm
 
OS Type:        hvm
 
State:          running
 
State:          running
 
CPU(s):        10
 
CPU(s):        10
CPU time:      689625.1s
+
CPU time:      318155.2s
Max memory:    20529152 KiB
+
Max memory:    20971520 KiB
Used memory:    20529152 KiB
+
Used memory:    20971520 KiB
 
Persistent:    yes
 
Persistent:    yes
 
Autostart:      enable
 
Autostart:      enable
Line 69: Line 76:
 
Security model: selinux
 
Security model: selinux
 
Security DOI:  0
 
Security DOI:  0
Security label: system_u:system_r:svirt_t:s0:c448,c757 (enforcing)
+
Security label: system_u:system_r:svirt_t:s0:c523,c903 (enforcing)
 
</pre>
 
</pre>
  
 
[[Category:Hosts|{{PAGENAME}}]]
 
[[Category:Hosts|{{PAGENAME}}]]
 
[[Category:VMs|{{PAGENAME}}]]
 
[[Category:VMs|{{PAGENAME}}]]

Latest revision as of 15:32, 9 April 2018

Shrad's Fedora development VM.

General Info

System Name: helmet.chg.ucsb.edu
IP: 128.111.236.136
Location: ubu
General Purpose: Sandbox
Creation Date: January 13th, 2016

System Configuration

  • OS Type: Unix
  • OS Version: Red Hat Fedora (27)
  • vCPUS: 10 allocated

Network

  • MAC Address: 52:54:00:A0:A0:43

Storage

  • Memory: 20GB allocated
  • Boot: 500MB allocated
  • Swap: 4GB allocated
  • Size: 30GB allocated

Services

Sandbox VM, largely used for python development.

Notes

  • Moved to ubu pending the rebuild of zippy in early August 2016.
  • Re-created on January 13th, 2016 using kvmutil with nographics option. GNIS'd.

Notes for old Fedora 19 version

  • On November 23rd, 2015, Helmet was moved along with zippy to the sixth floor ERI server room and its domain updated from geog.ucsb.edu to chg.ucsb.edu.
  • On October 7th, 2015 issues with Helmet's autofs and firewall were discovered. Helmet was restarted and autofs regained functionality, but due to the sustained vulnerability of the firewall and multiple failed logins it was decided (by Libby and Aaron) on October 14th, 2015 that it would be best if Helmet was completely redone. Shrad will review Helmet for any relevant configuration files and before it is taken down and redone.
    • Until new Helmet VM is done, I have added iptables functionality and disabled firewalld per the instructions on the ERI wiki CentOS 7 page. Libby 11:09, 15 October 2015 (PDT)
#Added alias sc="systemctl" to root's .bash_profile
#Short version, one line command:
yum -y install iptables-services ; sc stop firewalld ; sc mask firewalld ; sc start iptables ; sc enable iptables ; sc disable firewalld
#Long Version
systemctl stop firewalld     # stop firewalld temporarily
systemctl mask firewalld    # not sure what mask does, but I assume its similar to disable

yum install iptables-services  # install iptables-services package
systemctl enable iptables    # Enable the service at boot-time
#Copy over any rules you want iptables to start with since no defaults are provided (copied from chg-ewx,  minus web rules)
systemctl start iptables     # start iptables
service iptables save   # save iptables rules in /etc/sysconfig/iptables, overwriting current set

virsh dominfo

[root@ubu ~]$ virsh dominfo helmet
Id:             3
Name:           helmet
UUID:           00609bec-4220-49c4-63dc-fdcb76c85556
OS Type:        hvm
State:          running
CPU(s):         10
CPU time:       318155.2s
Max memory:     20971520 KiB
Used memory:    20971520 KiB
Persistent:     yes
Autostart:      enable
Managed save:   no
Security model: selinux
Security DOI:   0
Security label: system_u:system_r:svirt_t:s0:c523,c903 (enforcing)