# VirtualBox Build Notes.md

## To get a local test network

### Create the base OVF

1. Install VirtualBox.
1. Download the centos7-minimal DVD ISO and store it in your copy of `msoc-infrastructure/packer` (suggestion: keep an ISOs directory and make a symbolic link into the packer directory).
1. Edit `http/ks.local.cfg` and update it with your username and password.
1. Run `make base-local` to create a local iso.

### Create a new salt master

1. In VirtualBox, select "Import".
1. Under `msoc-infrastructure/packer/output-virtualbox-iso`, select `packer-centos-7-local-x86_64.ova`.
1. Click 'Continue'.
1. Edit settings:
    * Name: salt-master
    * Network: Set to paravirtualized network
    * Virtual Disk Image: Rename to `salt-master.vmdk` or something memorable
    * Mac Address Policy: "Generate new MAC addresses for all network adapters."
1. Click "Import".
1. Edit settings:
    * Display: Video memory: set to 4MB
    * Display: Remote display: Disable
    * Storage: SATA Controller, check "Use Host I/O Cache"
    * Network: Attached To: Set to "Bridged" with your wireless adapter (verify it's the paravirtualized adapter while you're there)
    * Shared Folders -> Create a machine folder to point to your msoc-infrastructure directory (allows you to use the same git repo on the guest VM)
1. Click 'Start' or 'Start (headless)'.

### Set up the guest tools

1. ssh to the local box (may need to look up the IP address; I set a static lease).
1. Change your password and the root password. (Default is 'changeme')
1. Install guest additions:

    ```
    sudo yum update && sudo yum upgrade
    sudo yum groupinstall "Development Tools"
    sudo yum install vim kernel-devel
    sudo yum --enablerepo=epel install dkms
    sudo mount /root/VBoxGuestAdditions.iso /mnt
    cd /mnt
    sudo ./VBoxLinuxAdditions.run
    ```

1. Add the shared folder mount point: `mkdir ~/msoc-infrastructure`
1. Add this to `/etc/fstab`:

    ```
    msoc-infrastructure /home/fdamstra/msoc-infrastructure vboxsf uid=fdamstra,gid=fdamstra 0 0
    ```

1. Reboot

### Match the Salt AMI

1. ssh to the salt master.
1. Run the scripts in `rhel7_hardened_saltmaster_ami.json`:

    ```
    cd msoc-infrastructure/packer/
    # Skipping add-rhel-subscription, cuz centos
    sudo scripts/add-saltstack-repo.sh
    # Skipping add-epel-repo, because how many times do we need to do this?
    sudo scripts/provision-salt-minion.sh
    # Have to do the "internal-configure-minion.sh" stuff ourselves, because
    # we don't match. (sudo goes on tee: it is tee that writes the root-owned file)
    echo "master: salt-master.home.monkeybox.org" | sudo tee /etc/salt/minion
    sudo scripts/provision-salt-master.sh
    # Skipping scripts/install-ssm-agent.sh because not in aws
    # Skipping scripts/cloud-init-resize-fs.sh because not in aws
    # Skipping scripts/remove-machine-id.sh because not building more than one
    # Skipping scripts/remove-rhel-subscription.sh because not building more than one
    ```

1. Reboot

### Get Salt Functional

1. Run the cloud init script:

    ```
    cd msoc-infrastructure/terraform/02-msoc_vpc/cloud-init/
    sudo bash provision_salt_master.sh
    ```

    Errors about secrets are expected. Lots of amazon stuff just won't work.
1. Remove `/etc/salt/pki/master/master.{pem,pub}`
1. Fix the minion id: `echo salt-master.home.monkeybox.org | sudo tee /etc/salt/minion_id`
1. Start the salt-master service.
1. Start the salt-minion service.
1. Accept the key: `sudo salt-key -A`
1. Create `/etc/salt/master.d/file_roots.conf`:

    ```
    file_roots:
      base:
        # Used by the maxmind stuff, not in gitfs because we download
        # this file by script every so often
        - /var/opt/salt
    ```

1. Link to the file root (we don't use gitfs here):

    ```
    sudo ln -s /home/fdamstra/msoc-infrastructure/salt/fileroots /var/opt/salt
    ```
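
The "Accept the key" step above uses `salt-key -A`, which accepts every pending key on a bridged network. As an added example (not part of the original notes), this script accepts one key only after its fingerprint matches what the minion itself reports; the function names are hypothetical, and it assumes master and minion run on the same VM, as in these notes.

```shell
#!/bin/sh
# Added example: accept a minion key only when the fingerprint pending on
# the master equals the fingerprint the minion reports for its own key.

# Read salt output on stdin, print the first colon-separated hex
# fingerprint found (16 or more byte pairs), lowercased.
extract_fp() {
    grep -Eio '([0-9a-f]{2}:){15,}[0-9a-f]{2}' | head -n 1 | tr 'A-F' 'a-f'
}

# fingerprints_match <master-side output> <minion-side output>
# Returns 0 only when both contain a fingerprint and they are identical.
fingerprints_match() {
    local master_fp minion_fp
    master_fp=$(printf '%s\n' "$1" | extract_fp)
    minion_fp=$(printf '%s\n' "$2" | extract_fp)
    [ -n "$master_fp" ] && [ "$master_fp" = "$minion_fp" ]
}

# accept_verified <minion id>: run on the salt master VM.
accept_verified() {
    local id pending local_fp
    id=$1
    pending=$(sudo salt-key -f "$id")              # fingerprint as seen by the master
    local_fp=$(sudo salt-call --local key.finger)  # fingerprint of the local minion key
    if fingerprints_match "$pending" "$local_fp"; then
        sudo salt-key -y -a "$id"
    else
        echo "fingerprint mismatch for $id, not accepting" >&2
        return 1
    fi
}

# Salt is only touched when explicitly asked, e.g.:
#   sh accept-key.sh --accept salt-master.home.monkeybox.org
if [ "${1:-}" = "--accept" ]; then
    accept_verified "${2:?minion id required}"
fi
```
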