wiki:SystemAdministration/Default_VM_setup

Version 20 (modified by Sander Maijers, 8 years ago)

Added IUS (for CPython 3) and Docker Compose installation

Default CentOS 7 host

Disable

wpa_supplicant: we do not need wireless networking tools.

lvm2 and lvm2-libs: these require daemons, some of them buggy, such as dmeventd. Do not install without reason. At some data centers, e.g. MPCDF, LVM is mandatory.

tuned: undesirable?

NetworkManager: only desirable for GUI interaction?

Run provisioning script

## Install default packages
sudo yum update &&
## Add the official Docker yum repository to get access to the latest Docker versions
sudo tee '/etc/yum.repos.d/docker.repo' <<'EOF'
[dockerrepo]
name=Docker Repository
baseurl=https://yum.dockerproject.org/repo/main/centos/$releasever/
enabled=1
gpgcheck=1
gpgkey=https://yum.dockerproject.org/gpg
EOF
## Add the Fedora Extra Packages for Enterprise Linux (EPEL) yum repository
## http://www.rackspace.com/knowledge_center/article/install-epel-and-additional-repositories-on-centos-and-red-hat
sudo yum makecache fast &&

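## Install IUS in addition to EPEL so that we can install non-EOL CPython packages.
## See https://ius.io/#project-goals
## Download as root: a plain `>` redirect into /opt runs as the calling user and fails without write access.
sudo curl --fail -L --tlsv1.2 -o '/opt/setup_ius.sh' 'https://setup.ius.io/' &&
sudo sh /opt/setup_ius.sh &&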

sudo yum install 'epel-release' 'git' 'docker-engine' 'unzip' 'mailx' 'tmux' 'tree' 'htop' 'rsync' 'python35u'
sudo python3.5 -m 'venv' '/opt/venvs/docker-compose'
## The venv was created by root, so pip needs sudo to write into it.
sudo /opt/venvs/docker-compose/bin/pip install --upgrade 'pip' 'docker-compose'
## From here on, you can use `. /opt/venvs/docker-compose/bin/activate` to run docker-compose.

## Create sysop users
sudo useradd 'sanmai' &&
sudo usermod -aG 'wheel' 'sanmai'
sudo useradd 'dietuyt' &&
sudo usermod -aG 'wheel' 'dietuyt'
sudo useradd 'wilelb' &&
sudo usermod -aG 'wheel' 'wilelb'

# TODO: why not let them set their own password, and only upload their SSH public key?
## Set passwords for the users: passwd <user>

sudo -e '/etc/ssh/sshd_config' &&
## Configure sshd in '/etc/ssh/sshd_config'
### No root login
# PermitRootLogin no
### No username/password login
# PasswordAuthentication no

## Forward mail from root to sysops@clarin.eu
printf '%s\n' "root: sysops@clarin.eu" | sudo tee -a /etc/aliases &&
sudo newaliases &&
sudo service postfix restart

## Test the configuration
printf '%s\n' 'test' | mail -s "test message from $(hostname)" root

## Enable services
sudo systemctl enable docker
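
The sshd_config step in the script above only opens an editor, so nothing confirms that the two settings took effect. As an added example (not part of the original wiki page), this check reads a config file the way sshd treats global options: the first occurrence of a keyword wins, keywords are case-insensitive, and lines after a Match line are conditional. The function names and the sample file are constructed for illustration.

```bash
#!/bin/bash
# Added example, not from the original wiki page.

# Print the effective global value of an sshd_config keyword (lowercased),
# or nothing if the keyword is not set globally.
# Limitation: Include directives (newer OpenSSH releases) are not followed.
sshd_global_value() {  # usage: sshd_global_value <keyword> <config-file>
    awk -v key="$1" '
        BEGIN { key = tolower(key) }
        /^[ \t]*(#|$)/ { next }                 # comments and blank lines
        { sub(/^[ \t]+/, ""); split($0, f, /[ \t=]+/) }
        tolower(f[1]) == "match" { exit }       # conditional section starts
        tolower(f[1]) == key { print tolower(f[2]); exit }   # first one wins
    ' "$2"
}

# Return 0 only if both settings from the provisioning script are "no".
# An unset keyword fails too: the compiled-in default is not "no" for either.
check_sshd_hardening() {  # usage: check_sshd_hardening <config-file>
    rc=0
    for key in PermitRootLogin PasswordAuthentication; do
        val=$(sshd_global_value "$key" "$1")
        if [ "$val" != "no" ]; then
            printf 'FAIL: %s is %s\n' "$key" "${val:-unset}"
            rc=1
        fi
    done
    return "$rc"
}

# Constructed sample showing three common mistakes:
# - the setting is left commented out, exactly as the script's notes show it
# - a later "no" is ignored because an earlier "yes" already matched
# - a setting placed under Match applies only to that match, not globally
sample=$(mktemp)
cat > "$sample" <<'EOF'
#PermitRootLogin no
PasswordAuthentication yes
passwordauthentication no
Match User backup
    PermitRootLogin no
EOF
check_sshd_hardening "$sample" || echo 'sshd_config still needs editing'
```

On the host, run `check_sshd_hardening /etc/ssh/sshd_config` and then `sudo sshd -t` before restarting sshd; `sudo sshd -T` prints the configuration sshd will actually use.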

Docker storage configuration:

1 2 3

Install Packer & recursive_packer_build

## Packer
sudo mkdir -p '/opt/Packer/0.8.6/' &&
cd "$_" &&
sudo curl -O 'https://releases.hashicorp.com/packer/0.8.6/packer_0.8.6_linux_amd64.zip' &&
sudo unzip 'packer_0.8.6_linux_amd64.zip' &&
printf '%s\n' '#!/bin/sh -x' "pathmunge '/opt/Packer/0.8.6/'" | 
sudo tee '/etc/profile.d/Packer_PATH.sh' &&
sudo chmod +x '/etc/profile.d/Packer_PATH.sh' &&
## recursive_packer_build
cd '/srv/' &&
## /srv is owned by root, so clone with sudo.
sudo git clone 'https://github.com/sanmai-NL/recursive_packer_build' &&
printf '%s\n' '#!/bin/sh -x' ". '/srv/recursive_packer_build/recursive_packer_build.sh'" | 
sudo tee '/etc/profile.d/recursive_packer_build_source.sh' &&
sudo chmod +x '/etc/profile.d/recursive_packer_build_source.sh'

Install collectd