Purpose
Document project to test CLI managed VMs before migrating current system to a command line managed system.
Project Scope
Successful project is the test server configured with an HTTP server which can be managed by SSH.
NOTE
Risking doxing myself and exposing my network by documenting this here. However, I feel like in the long run the community may be able to help me become a better technologist by documenting this like an opensource project. I know there are 1337 people here, so I politely ask, please don't maliciously attack my network with the info on here.
Additionally, feel free to chime in with suggestions or "heads up" for me to look into. I'm trying to grow here.
Actions
Segmented network into separate VLANs to segment public facing services.
Changed all network appliances from default passwords.
//* installed CentOS 7 Minimal on Test Server
* Yum Update
* SSH Installed
//* Installing KVM software
* Helpful Links:
* http://www.thegeekstuff.com/2014/10/linux-kvm-create-guest-vm/
* http://mwiki.yyovkov.net/index.php/Linux_KVM_on_CentOS_7
//yum install qemu-kvm
-
Installed ProxMox - Helpful Link (Wendell's video)
- Installed CentOS7 container
On Deck
Change all router SSIDs from default.
Setup Network
Modem/Router -> Managed Switch -> VLAN Port 1 ----> Router (Wifi)
|
|____________> VLAN Port 2 ---> Router (Hidden Wifi)
|
| ]-wireless connection
WifiExteder(No BroadCast) <-----|
| |
| |]-physical connections
| |
TestServer______| |________________________Box1
bridged-[ |____________ _________|_______ ]-bridged
| | | | |
(Containers) HTTP VPN (VMs) /VPN/ /HTTP/ FS
Summary
Network was segmented. Minor network security tightening. Installed ProxMox. Created CentOS7 Container. Installed updates and enabled ssh. Took snapshot for future use of this container.
This accomplishes what I set out to do plus knocked a portion of network segmentation I wanted to do. I still want to change the default SSID's on the network, but I'd call this a completed task at this point.
(Mods please leave this open - instead of the new thread, next weekend I'll create a new project as a new post in this thread. Thanks!)
Update
I've created a HTTP container and a VPN container. Sweet! The old server no longer runs these. The VPN is not public facing yet. Need to finish this (created question on forum).