VirtualBox Build Notes.md

To get a local test network

Create the base OVF

  1. Install VirtualBox
  2. Download the centos7-minimal DVD ISO and store it in your copy of msoc-infrastructure/packer (suggestion: keep an ISOs directory and make a symbolic link into the packer directory)
  3. Edit http/ks.local.cfg and update it with your username and password
  4. Run make base-local to create a local iso.

Create a new salt master

  1. In virtualbox, select "Import".
  2. Under msoc-infrastructure/packer/output-virtualbox-iso, select packer-centos-7-local-x86_64.ova
  3. Click 'Continue'
  4. Edit settings:
    • name: salt-master
    • Network: Set to paravirtualized network
    • Virtual Disk Image: Rename to salt-master.vmdk or something memorable
    • Mac Address Policy: "Generate new MAC addresses for all network adapters."
  5. Click "Import"
  6. Edit settings:
    • Display: Video memory: set to 4MB
    • Display: Remote display: Disable
    • Storage: SATA Controller, check "Use Host I/O Cache"
    • Network: Attached To: Set to "Bridged" with your wireless adapter (verify it's the paravirtualized adapter while you're there)
    • Shared Folders -> Create a machine folder to point to your msoc-infrastructure directory (allows you to use the same git repo on the guest VM)
  7. Click 'Start' or 'Start (headless)'

Set up the guest tools

  1. SSH to the local box (may need to look up the IP address; I set a static lease)
  2. Change your password and the root password. (Default is 'changeme')
  3. Install guest additions:

    sudo yum update && sudo yum upgrade
    sudo yum groupinstall "Development Tools"
    sudo yum install vim kernel-devel
    sudo yum --enablerepo=epel install dkms
    sudo mount /root/VBoxGuestAdditions.iso /mnt
    cd /mnt
    sudo ./VBoxLinuxAdditions.run
    
  4. Add the shared folder mount point: mkdir ~/msoc-infrastructure

  5. Add this to /etc/fstab:

    msoc-infrastructure     /home/fdamstra/msoc-infrastructure      vboxsf  uid=fdamstra,gid=fdamstra       0 0
    
  6. Reboot

Match the Salt AMI

  1. SSH to the salt master
  2. Run the scripts in rhel7_hardened_saltmaster_ami.json:

    cd msoc-infrastructure/packer/
    # Skipping add-rhel-subscription, cuz centos
    sudo scripts/add-saltstack-repo.sh
    # Skipping add-epel-repo, because how many times do we need to do this?
    sudo scripts/provision-salt-minion.sh
    # Have to do the "internal-configure-minion.sh" stuff ourselves, because
    # we don't match.
    # sudo has to apply to tee (which writes the file), not to echo
    echo "master: salt-master.home.monkeybox.org" | sudo tee /etc/salt/minion
    sudo scripts/provision-salt-master.sh
    # Skipping scripts/install-ssm-agent.sh because not in aws
    # Skipping scripts/cloud-init-resize-fs.sh because not in aws
    # Skipping scripts/remove-machine-id.sh because not building more than one
    # Skipping scripts/remove-rhel-subscription.sh because not building more than one
    
  3. Reboot

Get Salt Functional

  1. Run the cloud init script:

    cd msoc-infrastructure/terraform/02-msoc_vpc/cloud-init/
    sudo bash provision_salt_master.sh
    

    Errors about secrets are expected. Lots of amazon stuff just won't work.

  2. Remove /etc/salt/pki/master/master.{pem,pub}

  3. Fix the minion id: echo salt-master.home.monkeybox.org | sudo tee /etc/salt/minion_id

  4. Start the salt-master service

  5. Start the salt-minion service

  6. Accept the key: sudo salt-key -A

  7. Create /etc/salt/master.d/file_roots.conf:

    file_roots:
      base:
        # Used by the maxmind stuff, not in gitfs because we download
        # this file by script every so often
        - /var/opt/salt
    
  8. Link to the file root (we don't use gitfs here):

    sudo ln -s /home/fdamstra/msoc-infrastructure/salt/fileroots /var/opt/salt
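
A check for the on-disk state the "Get Salt Functional" steps should leave behind, as an added example that is not part of the original notes. The function name `check_salt_layout` and its optional root-prefix argument are assumptions made for illustration, and the permission test on master.pem is an extra check the notes do not mention.

```shell
#!/bin/sh
# Added example: verify the on-disk state the "Get Salt Functional" steps leave.
# check_salt_layout and its optional root prefix are hypothetical names; call it
# with no argument (as root) on the real salt master.
EXPECTED_ID="salt-master.home.monkeybox.org"

check_salt_layout() {
    root="${1:-}"
    problems=0
    fail() { echo "FAIL: $1"; problems=$((problems + 1)); }

    # The minion must name the local master (tee line in "Match the Salt AMI").
    grep -qxF "master: $EXPECTED_ID" "$root/etc/salt/minion" 2>/dev/null \
        || fail "/etc/salt/minion does not set master: $EXPECTED_ID"

    # Step 3: the minion id must be exactly the expected name.
    [ "$(cat "$root/etc/salt/minion_id" 2>/dev/null)" = "$EXPECTED_ID" ] \
        || fail "/etc/salt/minion_id is not $EXPECTED_ID"

    # Steps 2 and 4: the key removed in step 2 is regenerated when salt-master
    # starts. Extra check (not in the notes): no group/other access to it.
    key="$root/etc/salt/pki/master/master.pem"
    if [ ! -f "$key" ]; then
        fail "master.pem missing (salt-master not started since step 2?)"
    elif [ "$(ls -ld "$key" | cut -c5-10)" != "------" ]; then
        fail "master.pem is accessible to group or other"
    fi

    # Step 7: file_roots.conf must list /var/opt/salt as a file root.
    grep -Eq '^[[:space:]]*-[[:space:]]+/var/opt/salt[[:space:]]*$' \
        "$root/etc/salt/master.d/file_roots.conf" 2>/dev/null \
        || fail "file_roots.conf does not list /var/opt/salt"

    # Step 8: /var/opt/salt must be a symlink that resolves to a directory.
    link="$root/var/opt/salt"
    { [ -L "$link" ] && [ -d "$link" ]; } \
        || fail "/var/opt/salt is not a symlink to an existing directory"

    return "$problems"
}
```

The return status is the number of failed checks, so `check_salt_layout && echo OK` prints OK only when every step's result is in place.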