change VM mac address during salt-cloud provision - salt-stack

I have a salt-cloud profile built up but want to be able to statically set the mac address during provision. I have a DHCP server that serves out specific IPs based on the server's mac address.
I'm connecting via vmware using salt 2015.5.8

This option was implemented for salt version 2016.11.1.
If you can update your salt, do it.

Related

How to connect to on-premise OpenVPN server from OCI (Oracle Cloud Infrastructure) Compute instance?

My company has an on-premise network which is opened by OpenVPN server.
In the ordinary scenarios, I used to connect to that server very easily.
However, when I tried to connect to that server from the OCI compute instance, which I connected to by SSH from my laptop, there were some problems. As soon as I try to connect to the VPN server, my SSH connection is closed.
IMHO, this may have occurred because the VPN connection changes network information, and so my SSH connection might be lost.
I tried to look around to find out how to connect to a VPN from OCI, but almost everything was using the IPSec protocol which Oracle provided; the others were about building an OpenVPN server on the OCI instance.
I'm a novice at network structure. So, please give me some hints to resolve this problem.
Thanks,
I get the following:
You have Ubuntu 18.04 VM on a Public Subnet in OCI
You have OpenVPN Server running on On-Prem.
You would like to access your On-Prem from Ubuntu VM on OCI.
If I understood it correctly, the best way is to set up an IPSec VPN. It isn't that hard if you hit the right steps. At a high level, you will be doing the following steps. I have used IKEv1 in my attempts in the past.
OCI:
Create a DRG
Attach/Associate it to your VCN
Create a CPE (Customer Premise Equipment) and mark the IP Address of OpenVPN server to it.
Create an IPSec Connection on the DRG. It will create two Tunnels with its own Security Information.
Set up Routing on the associated subnet (i.e., the one that hosts the Ubuntu VM) so traffic associated with the On-Prem CIDR is routed to the DRG.
On-Prem:
Create the necessary configuration to create the Tunnels up to OCI (using the configuration information from previous steps such as VPN Server IP Addresses and Shared Secrets)
Set up Routing so that the Traffic destined for OCI CIDR ranges is sent to the associated Tunnel Interface
This ensures that you can create multiple VMs on the OCI Subnet all of which can connect to your On-Prem infrastructure. OCI Documentation has sufficient information in setting up this VPN Connection.
Alternatively if your only requirement is to establish connectivity between Ubuntu VM on OCI to OpenVPN server On-Prem, you might use any VPN Client software and set it up. This doesn't need any of the configuration steps mentioned above.
Worker nodes in private subnets have private IP addresses only (they do not have public IP addresses). They can only be accessed by other resources inside the VCN. Oracle recommends using bastion hosts to control external access (such as SSH) to worker nodes in private subnets. You can learn more on using SSH to connect through a bastion host here - https://docs.cloud.oracle.com/en-us/iaas/Content/Resources/Assets/whitepapers/bastion-hosts.pdf

Can Google cloud server VM access my local machine through SSH?

I've created a virtual machine on Google Cloud Platform following this manual.
I was able to create an SSH connection from my local machine to the VM and set it up to host a publicly available R Shiny App. Now I'm wondering if there is any way to access my local machine from the VM using this SSH connection. This would be a problem if the server gets hacked, maybe because I wasn't able to correctly configure security settings (I'm not too experienced with this). Or is this a "one-way" connection to the VM and the other way is blocked, e.g. by my personal firewall?
Any suggestion would help. Thanks!
An SSH connection requires that the target machine have a public SSH key that is used to identify an incoming client that has the corresponding private SSH key. If you can SSH from your local PC to a GCP Compute Engine (CE) then your local PC has a copy of the private key and the compute engine has the public key. This is a one-way connection. There is no symmetry in a connection originating from the compute engine. To be able to SSH into your local PC then:
Your local PC needs to have an SSH server installed.
Your local PC needs to have the public part of an SSH key pair configured.
The client needs to have the private part of an SSH key pair available.
The client needs to know your IP address.
There needs to be a network route to your local PC from the client.
Your firewall needs to permit the incoming client on the port that the SSH server is listening (default 22)
Unless the above are all satisfied, there should be no mechanism to allow a compromised compute engine to open a shell "back into" your local PC.
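The conditions listed in the answer above that can be verified on the local PC, turned into a check (an added example, not part of the original answer). It assumes `ss -tlnH` output and an `authorized_keys` file as input; the sample data, the function names and the firewall flag are constructed for illustration.

```python
import ipaddress

# Constructed sample of `ss -tlnH` output from a local PC (not from the post).
SAMPLE_SS = """\
LISTEN 0 128 127.0.0.1:631 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::1]:631 [::]:*
"""

# Constructed authorized_keys content; the key body is a placeholder.
SAMPLE_AUTHORIZED_KEYS = """\
# laptop backup key
ssh-ed25519 AAAAC3PLACEHOLDER user@example
"""

def ssh_listeners(ss_output, port=22):
    """Return listening sockets on `port` bound to a non-loopback address."""
    exposed = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue
        addr, _, lport = fields[3].rpartition(":")
        if lport != str(port):
            continue
        host = addr.strip("[]").split("%")[0]  # drop IPv6 brackets and %iface
        if host == "*":  # ss prints "*" for a dual-stack wildcard bind
            host = "0.0.0.0"
        if not ipaddress.ip_address(host).is_loopback:
            exposed.append(fields[3])
    return exposed

def authorized_key_count(text):
    """Count key entries, skipping blank lines and comments."""
    lines = (l.strip() for l in text.splitlines())
    return sum(1 for l in lines if l and not l.startswith("#"))

def inbound_ssh_preconditions(ss_output, authorized_keys, firewall_allows_port):
    """Evaluate the answer's conditions that can be verified on the local PC."""
    checks = {
        "ssh_server_listening": bool(ssh_listeners(ss_output)),
        "public_key_configured": authorized_key_count(authorized_keys) > 0,
        "firewall_permits_port": bool(firewall_allows_port),
    }
    checks["all_local_conditions_met"] = all(checks.values())
    return checks

if __name__ == "__main__":
    print(inbound_ssh_preconditions(SAMPLE_SS, SAMPLE_AUTHORIZED_KEYS, False))
```

The remaining conditions from the list (the client holding the private key, knowing the IP address, and having a network route) sit on the client side and are not covered by this check.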

Hyper-V: Access Host in Offline Mode

I have installed and configured Hyper-V on my Laptop with Windows 10 Professional. I have as well one VM with Ubuntu 16.04 OS. My Problem is that I do not know how to access Windows 10 host Shared Folders from the Ubuntu Guest, when it is offline / not connected to Internet, which means when it has no IP address assigned. Here, I wish to keep automatic IP Address assigning (DHCP) enabled, as the laptop has only one NIC (WiFi).
The Ubuntu 16.04 has installed SAMBA. I can access shared folders of the Windows 10 Host when the host has IP Address assigned.
However, I am not always connected to the internet. When without internet I still want to access the host from the VM guest OS. For those moments I do not want to assign a temporary IP Address to the WiFi NIC. I would like to have a more elegant solution.
Is there a way to assign secondary IP Address to my laptop/host (this time static)? This IP Address would be used only for the guest OS to see the host at all the times, regardless of whether the host has dynamically assigned IP address or not.
Is there any other solution for my problem? Thank you many times.
Ok, I have found the solution for those having similar problem:
In Hyper-V Manager create one more Virtual Switch, this time Internal Virtual Switch.
In the host OS, here Windows 10, edit the newly created Virtual Switch and assign desired IP Address and Subnet Mask.
Since we need to communicate between Host and Guest only, there is no need to enter Default Gateway.
Save your settings, restart the Guest OS.
Now you will be able to ping the Host OS from the VM Guest OS, whether host is online or offline. Great!

Get IP of VM running on an Ubuntu server configured on bridged networking

I want to set up an exported VM on an Ubuntu Server using VirtualBox on headless mode.
I have the VM up and running and bridged with the ethernet interface of the host (em1), so the dhcp of the host should now assign an IP to the VM if I'm not mistaken.
Is there a way to check if this is working and if yes to get the VM's IP?
Since this is on headless mode so without GUI, the only way to login to the VM is through ssh and for that I need the IP..
welthenwel,
you can do this with VBoxManage.
from a shell, just type:
VBoxManage guestproperty enumerate VM_NAME --pattern "*/IP"
and you will get as response something like in the below image.
now, ignore the fact that I run this cmd from a Windows host, because it behaves exactly the same from inside a linux host
I'm not very familiar with VirtualBox. Bridged with VMWare Workstation meant the IP is given by your default DHCP server, which means you could look up the assigned IP address there (e.g. your router - if you have access to it).
Another option would be a ping sweep of your network segment as I believe Ubuntu doesn't drop ICMP requests.

Connect to server in vmware player while host is not connected to a network

I am using VMWare Player 3.1.0 on Host OS Windows 7 Professional 64-bit. My guest is SUSE Linux ES 10. My guest OS (SUSE) runs JBoss App Server which I access from host using HTTP. I used a "Bridged" connection to set up all this.
My problem:
When I am connected to network on the Host (using wired network adapter) I can connect to the http server on the Guest OS and browse the application. However, when I am disconnected from the network on Host (unplugged the wire), I cannot access to the guest OS app server and browse the application. I use the guest OS ifconfig command to find out ip address of the guest OS. This ip address does not change whether connected or disconnected. I have even tried using Wireless Data card, but that does not work either.
I have tried "NAT" as well as "Host Only" connection and rebooted the guest but it does not work either. I think for some reason the guest OS can only recognize the physical network card (which is disconnected).
I need to run this machine (my laptop) independently of the network because I use this for demo and need to be able to connect from my host OS to Guest OS.
I am not sure I understand exactly what you are trying to do, but I do know setting up a working NAT configuration will offer you the most flexibility.
Click the networking icon and select settings, Select NAT.
Follow these steps on your Unix OS
cd /etc/sysconfig/network-scripts
Make a backup of your ethernet adapter configuration
cp ifcfg-eth0 ifcfg-eth0.bak
Next modify the settings to look like the following:
DEVICE="eth0"
BOOTPROTO="dhcp"
HWADDR="What ever was here on your system"
NM_CONTROLLED="yes"
ONBOOT="yes"
Save your changes
Restart your network adapters
/etc/init.d/network restart
Try nslookup www.google.com
You should now be able to connect back and forth from your Windows Host and Linux guest.
theJay28
-p.s. I had screenshots, but I do not have the 10 points yet to post images.
I figured that the solution is to restart the VM after making the changes to the NetWork setting on the VMWare. I selected Network for the VM as "Host Only" shutdown the VM and started it again. After that I was able to do what I wanted to do (i.e. browse the web application on guest from the browser in the host machine) without connecting the host to the network.
So key to the solution in my case was to make the network changes and restart the VM.
Any comments suggestions welcome...
