Need: QCOW2 image for orchestrating Debian 11 Server image with following customizations 1. Minimal server installation + MATE Desktop Environment + xRDP + Firefox2. ‘apparmor’ disabled3. Install required packages – zip, unzip, net-tools, cloud-guest-utils, sudo4. Configure max number of open files and processes to 655365. SSH access to be enabled only from two specific subnets…
Tag: Debian
Preparing custom Debian 11 server cloud image
Need: QCOW2 image for orchestrating Debian 11 Server image with following customizations Basic server installation’apparmor’ disabledInstall required packages – zip, unzip, net-tools, cloud-guest-utils, sudoConfigure max number of open files and processes to 65536SSH access to be enabled only from two specific subnets (private networks)Custom resizedisk script which will be triggered on first boot to resize…
Complile Linux Kernel (on Debian 11)
Install required packages. root@server1:~# apt-get install git fakeroot build-essential ncurses-dev xz-utils libssl-dev bc flex libelf-dev bison dwarves Download the source of the required/planned version of the Linux kernel (I had decided on 5.15) root@server1:~# wget https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-5.15.11.tar.xz Extract the xz file (to default folder) root@server1:~# tar xvf linux-5.15.11.tar.xzroot@server1:~# cd linux-5.15.11/root@server1:~/linux-5.15.11# Copy the existing configuration file root@server1:~/linux-5.15.11#…
OS installation: Debian 11 on a KVM guest VM.
Download the ISO image to the /var/lib/libvirt/images folder of the KVM host. Start virt-manager and opt to create a new VM and select Local install media. Click on browse and select the downloaded ISO image If the OS is not automatically detected, uncheck automatic detection and type in Debian testing Assign memory and CPU resources….
OS installation: Debian 11 on the bare metal server.
Download and burn the ISO image onto a USB stick and plug in the USB stick in the server. Power On the server (in my case, it is Dell R430) Press F11 to enter boot manager Select one-shot UEFI menu Select boot from the USB stick Start installation (I prefer to use non-graphical) Select Language…
Orchestrating Guest VM(s) using simple scripts on KVM host.
As a developer, I had a need to spin up VMs as and when required. The more I started working on Kubernetes, the need to automate the spinning up of multiple VMs to bring up a setup for configuring a cluster. There were several options, solutions already available to automate the same on KVM. However,…
Installing KVM
Pre-requisite Install Debian 11 or Ubuntu 20.04 server as required. Optional I had upgraded the kernel version by compiling the kernel as explained in this how-to. Installing KVM on Debian Simple and easy – First, install the required packages apt install -y qemu-kvm libvirt-clients libvirt-daemon-system bridge-utils virtinst libvirt-daemon virt-manager Additionally, I had installed libguestfs-tools, for…
Installing NFS Server
The objective is to configure the NFS server on one of the servers in the LAB. Creating the NFS client-server setup is a simple task that can be performed in a few steps – installation, export, mounting, and access. On the server install the required package apt install -y nfs-kernel-server Create a directory that gets…
Install and configure OpenLDAP Server
Configure hostname and FQDN for the VM/system which will be used for LDAP server. (Reference to example.com is to mask the actual usage) root@ldap:~# hostname –fqdn ldap.example.com root@ldap:~# cat /etc/hosts 127.0.0.1 localhost 10.1.2.22 ldap.example.com ldap The following lines are desirable for IPv6 capable hosts ::1 localhost ip6-localhost ip6-loopback ff02::1 ip6-allnodes ff02::2 ip6-allrouters root@ldap:~# Install OpenLDAP…
Adding ClamAV Anti-virus checks to existing Postfix, Amavis+Spamassasin configuration
Had an existing Postfix configurationup and running. Notes for bringing up the same available at https://www.sandeeprao.net/configuring-secure-mail-server-using-postfix-with-dovecot-spamassasin-postgrey-and-opendkim/ As I could add more vCPU and RAM to the VM, thought of adding anti-virus check on receipt of mails. As I had already configured amavis + spamassassin it was pretty straight forward, install the required clamav packages along…