Server config
installation of packet
yum install fail2ban cockpit cockpit-machines python3 make git-core
Server config based on:
Data Replication between servers https://www.programmersought.com/article/92226036787/
Virtual machine hosting https://www.tecmint.com/install-kvm-on-ubuntu/
cockpit https://www.techrepublic.com/article/how-to-enable-cockpit-on-centos-8/ , https://www.tecmint.com/manage-kvm-virtual-machines-using-cockpit-web-console/
firewalld https://www.liquidweb.com/kb/how-to-start-and-enable-firewalld-on-centos-7/
firewalld config
add nfs :
firewall-cmd --add-port=873/tcp
add port forwarding to opnsense:
https to opnsense:firewall-cmd --add-forward-port=port=443:proto=tcp:toport=443:toaddr=AAA.BBB.CCC.DDD
http to opnsense:firewall-cmd --add-forward-port=port=80:proto=tcp:toport=80:toaddr=AAA.BBB.CCC.DDD
opnsense console:firewall-cmd --add-forward-port=port=4443:proto=tcp:toport=4443:toaddr=AAA.BBB.CCC.DDD
add pf to linux
firewall-cmd --add-forward-port=port=XXXX:proto=tcp:toport=22:toaddr=AAA.BBB.CCC.DDD
add port forwarding to windows:
SQLfirewall-cmd --add-forward-port=port=1433:proto=tcp:toport=1433:toaddr=AAA.BBB.CCC.DDD
RDP
firewall-cmd --add-forward-port=port=3389:proto=tcp:toport=3389:toaddr=AAA.BBB.CCC.DDD
firewall usefull command:
firewall-cmd --reload
firewall-cmd --runtime-to-permanent
Storage
Default : /export/nfs/data
ISO: /export/nfs/iso
virsh network
virsh net-edit default
<network>
<name>default</name>
<uuid>aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeee</uuid>
<forward mode='nat'/>
<bridge name='virbr0' stp='on' delay='0'/>
<mac address='XX:XX:XX:XX:XX:XX'/>
<domain name='default'/>
<ip address='AAA.BBB.CCC.DDD' netmask='255.255.255.0'>
</ip>
</network>
Qemu Hooks
https://forums.centos.org/viewtopic.php?f=50&t=71454&start=10
make the hook tool
cd /usr/local/src
git clone https://github.com/saschpe/libvirt-hook-qemu.git
cd libvirt-hook-qemu
make install
rm -rf libvirt-hook-qemu
make the hook config
vi /etc/libvirt/hooks/hooks.json
{
"k3OS": {
"interface": "my-bridge-name",
"private_ip": "A.B.C.D", // IP of the VM
"port_map": {
"tcp": [[5022,22]] // port mapping
}
},
"linux.2.1": {
"interface": "my-bridge-name",
"private_ip": "A.B.C.D", // IP of the VM
"port_map": {
"tcp": [[1022,22]]
}
},
"OPNsense.2.1": {
"interface": "my-bridge-name",
"private_ip": "A.B.C.D", // IP of the VM
"port_map": {
"tcp": [80,443,4443]
}
},
"Windows": {
"interface": "my-bridge-name",
"private_ip": "A.B.C.D", // IP of the VM
"port_map": {
"tcp": [1433,3389]
}
}
}
refresh script for the docker
Did you encounter a problem or do you have a suggestion?
Please contact our Service Desk
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. https://creativecommons.org/licenses/by-sa/4.0/