Exercise 1

Table of Contents

1 Exercise 1: Introduction

This is the first exercise in the course. Attendance in Ohjaus is required, and deadline for finishing up the exercise is 20.1. 23:59

In this exercise, you will learn to install and setup your first virtual machine (VM) in the course environment. This includes a good chunk of the basics. You will start writing a log of the tasks that you have done in the VM. This log will also be assessed.

This exercise can be read in PDF, HTML, and Text formats.

1.1 Logs

Instructors will read the logs to see how students are maintaining their virtual systems. This is one part of documenting the work. For now, it is sufficient that you show at least the commands you ran and things you did briefly (especially those you ran as superuser, with sudo(8)). At the end of the course you are expected to show understanding of what you did, why and how.

1.2 Practical matters

  1. You are instructed to use one of our host machines: lonka5, lonka6, lonka7 or lonka8. They are very similiar to each other and shouldn't have any difference to completing the exercise.
  2. Replace "TUNNUS" or "KONE" with your username everywhere in this material. For user jatauusi, "KONE1" would be jatauusi1.
  3. In this exercise, we start with opening three separate SSH connections. You are free to do this differently (e.g. using ConnectionMaster, screen(1), tmux(1) and the like) but beware of the dragons. The instructors might not be able to help you with your own approach.
  4. The above warning also applies to text editors. You are free to write your log in any of the present editors. Inside your VM you have more choices as your can install anything you like. The content is more important than the writing method.
  5. You are expected to check your exercise with the automatic checker. This will check hard requirements for your VM, but it is not a final pass. Instructors will assess your work based on the log and manual inspection of the VM.

1.3 Exercise 1 is passed, if the VM:

  • is up and running.
  • allows login from the instructors. (with Kerberos or SSH key)
  • has nullmailer, ntp, and rsync installed.
  • has up to date packages.
  • has its image in the home directory. (not in /ramdisk)
  • has the appropriate log in the host machine. (~/logs/KONE1.txt (where KONE is your username), stick to this filename as it is much easier to check them)

1.4 IRC Channel

  • #TIES478 in irc-verso.student.it.jyu.fi
  • Accessible only from the VM network (lonkas and VMs)

2 Steps

2.1 SSH connection

  1. The instructors assign you a host machine (lonkaX.it.jyu.fi where X={5,6,7,8}) to do the exercise on.
  2. Connect to the host machine with three SSH connections. The first one is used for operating the VM. The second one is used for writing the log. The third one is for other things when the first two are occupied.
  3. Use -X flag to enable X(7) tunneling. (For Macs, use XQuartz and -Y flag)
  4. Example command for opening the connection for user jatauusi: ssh -X jatauusi@lonka6.it.jyu.fi

2.2 Preparations for installation

2.2.1 Make a disk image

  1. Empty disk image is first created in /ramdisk, because installation is faster in that directory. After installation you will move it to your home directory for permanent storage.
  2. Make a folder for yourself in /ramdisk with a command like this: mkdir /ramdisk/TUNNUS (Replace TUNNUS or KONE with your username in these commands!)
  3. Size of the disk will be 3G and format qcow2.
  4. Create the image with qemu-img(1) with command: qemu-img create -f qcow2 /ramdisk/TUNNUS/KONE1.img 3G

2.2.2 SSH keys

  1. Create yourself a SSH key: ssh-keygen -t rsa
  2. For a passphrase, use something that is not in use elsewhere.
  3. This will be used later for logging in your VMs

2.3 Start the installation

  • Start the installation with the command
virt-install -n KONE1 --memory 512 --arch i386 -w bridge=br0
             --disk /ramdisk/TUNNUS/KONE1.img,bus=virtio
             --cdrom /srv/kvm/images/ubuntu-16.04-server-i386.iso
  • You can type it all as it is (with TUNNUS and KONE replaced). Some explanations for the command:
  • virt-install(1) is the command to start the installation.
  • Type backslash characters before each newline (Enter-key) to have a multi-line command. Or you can write it all without newlines or backslashes in one long command.
  • In the log, copy the command you wrote and the name of your VM.

2.3.1 In case something goes wrong:

  • If you want to nuke your VM and start from scratch, run the following commands: virsh destroy KONE1 virsh undefine KONE1 rm -f /ramdisk/TUNNUS/KONE1.img
  • If the installer is still running, you can reopen it with virt-viewer KONE1

2.4 Inside the installer

  1. Language: Choose your preferred language (e.g. Finnish or English) or a random language for extra challenge.
  2. Right after choosing language, press F6 (Other Options) and enable option nomodeset. (choose it with arrow keys, enter, esc)
  3. Choose "Install Ubuntu Server"
  4. Choose Finland as the region regardless of the language.
  5. Network settings: Details in the chapter below.
  6. Hostname: TUNNUS1.
  7. Domain: student.it.jyu.fi
  8. Username: TUNNUS0 (later referred to as "zero account")
  9. Password: Come up with a new password. Save that in your personal notes.
  10. As simple setup as possible with the following details:
  11. Choose "Guided, use entire disk" (no LVM, that comes later),
  12. Don't encrypt home directory,
  13. Proxy: http://lonkaX.it.jyu.fi:3142/ (important!),
  14. No automatic updates,
  15. Software: Tick [X] OpenSSH Server,
  16. During installation, you can try the command line of the installer. Look at the message log (Alt-F4). Try the console windows (Alt-F2 and Alt-F3) and inside try commands df and ls at least. Return to the installer with Alt-F1.
  17. Install GRUB to the Master Boot Record.

After this, the VM reboots into the freshly installed system.

2.5 Network settings

  • Address: Look it up with the command host TUNNUS1 inside a lonka. It should begin with 172. which is the local address. Your VM also has a public IP address that begins with 130.234 which will not be used here.
  • Netmask: 255.255.0.0
  • Gateway: 172.21.0.1
  • Nameserver: 172.21.0.4

2.6 Post-installation

2.6.1 Try to login

  • Login with your zero account with the virt-viewer window
  • Also try logging in over SSH. Inside the host machine, try: ssh TUNNUS0@TUNNUS1
  • When logged in, at least check disk space, amount of free memory and running processes in the system. (df(1), ps(1), free(1))

2.6.2 Update

  • sudo apt-get update; sudo apt-get dist-upgrade
  • Check available disk space again.

2.6.3 Install required software

  1. We need at least libpam-krb5, nullmailer, ntp, rsync, locate and your favourite text editor.
  2. sudo apt-get install ...
  3. During installing libpam-krb5 the configuration script will ask for Kerberos realm. Type AD.JYU.FI .
  4. Nullmailer configuration: Mailname = jyu.fi, smarthosts = smtp.jyu.fi.
  5. Check the editors already in the system: dpkg -l | grep editor. (Optional) Install your favourite text editor. Look again what editors dpkg -l lists. Choose that editor (or nano which is the easiest to use) and make it default with the following line in .bashrc file: export EDITOR=nano

2.6.4 Setup user accounts for the instructors

  1. Look up UIDs and full names for the instructors and yourself. Usernames of the instructors are jatauusi, kailnurm, mailkang, pyjopeko and tt. (Hint: This information is stored in /etc/passwd) In the following commands, replace UID with the instructor's user ID, REAL NAME with their real name, and ACCOUNT with their username.
  2. This can be done with the id(1) command, e.g. id jatauusi prints uid=239182(jatauusi) among other things.
  3. adduser --uid UID --gecos 'REAL NAME' ACCOUNT
  4. Leave prompted info empty, password as well
  5. A certain kind of error at the end means it's ok
  6. Test logging in with your own Korppi username and password.
  7. Enable sudo for instructors: usermod -aG sudo ACCOUNT . In practice you add instructors to the sudo group.
  8. For each instructor, copy their SSH public key inside your VM. This allows passwordless login of instructors with their (private) key. Make a .ssh directory for everyone: sudo mkdir /home/ACCOUNT/.ssh
  9. Copy the public key inside the just created folder:
    sudo scp TUNNUS@lonkaX:/usr/local/sshkeys/id_ACCOUNT.pub
             /home/ACCOUNT/.ssh/authorized_keys
    
  10. sudo chown -R ACCOUNT:ACCOUNT /home/ACCOUNT/.ssh
  11. Copy your own public SSH key as well. You can do this with in a similiar way as the above steps or with ssh-copy-id(1). Test by logging in via SSH.
  12. Look up the sudo(7) commands you have done in the system so far: sudo grep sudo /var/log/auth.log

2.7 Using virsh

2.7.1 Shutdown, reboot, freezing of the VM

  • Turn off your VM: virsh shutdown KONE1
  • Turn it on again: virsh start KONE1
  • Suspend: virsh suspend KONE1
  • Try these command with your VM. What effect does suspend have to your VM?

2.7.2 XML-configuration

  1. Save the configuration file of your VM: virsh dumpxml KONE1 > KONE1.xml
  2. Turn off your VM and undefine its configuration (virsh undefine KONE1) which forgets the configuration in the hypervisor.
  3. Try to start the VM now – what kind of error does it make?
  4. Restore the configuration in the hypervisor: virsh define KONE1.xml
  5. Look at the file. Find the size definition of RAM (it's in two places) and change it to 262144 (256MB). Think what needs to be done to apply the changes. Experiment and document your findings.

2.7.3 Move disk image to home directory

  1. Turn off the VM.
  2. Move the disk image to your home directory: mv /ramdisk/TUNNUS/KONE1.img ~/KONE1.img
  3. Update the location of the image in the active configuration (virsh edit KONE1)
  4. Save changes and start your VM again.

2.8 Finish

  • Check your exercise with automatic checker: sudo checker.sh DEMONUMBER TUNNUS
  • If all is good, save your work and leave your VM running.

Date: 2019-03-08T13:31+0200

Author: Janne Uusitupa

Org version 7.9.3f with Emacs version 24

Validate XHTML 1.0