PMA-65 and PMA-85 quick start guide: Difference between revisions

From wiki.comcert.com
Line 2: Line 2:
= Introduction =
= Introduction =


PMA-65 and PMA-85 are based on a hardened CentOS 7 64-bit Linux Operating System.
All Performance Management Appliances (PMA) are based on a hardened version of the CentOS 7 64-bit Linux operating system.


Kernel-based Virtual Machine (KVM) is used as virtualization platform.
Kernel-based Virtual Machine (KVM) is used as virtualization platform.
Line 12: Line 12:


{{#invoke:Message box|ambox |type=info|text=A really nice terminal emulator that handles both SSH and VNC connections is called MobaXterm. Freely available at: [http://mobaxterm.mobatek.net/download.html http://mobaxterm.mobatek.net/download.html]}}
{{#invoke:Message box|ambox |type=info|text=We recommend using MobaXterm to access the appliance. Download MobaXterm at: [http://mobaxterm.mobatek.net/download.html http://mobaxterm.mobatek.net/download.html]}}




The appliance is accessible through SSH using your favorite terminal emulator. The appliance ships with two predefined user accounts, ''root'' and ''comcert''. The ''comcert'' user is reserved for COMCERT staff members. The ''root'' user is granted rights sufficient for all operations.
PMA is accessible through SSH using your favorite terminal emulator. The appliance ships with two user accounts, ''Administrator'' and ''comcert''. The ''Administrator'' user has been created to allow the end-user to safely shut down or reboot the appliance. The ''comcert'' user is reserved for COMCERT support engineers.
<pre> # ssh -l root <IPaddressPMA-65>
<pre> # ssh -l Administrator <IPaddressPMA-65>
</pre>
</pre>



Revision as of 16:18, 9 August 2020

Introduction

All Performance Management Appliances (PMA) are based on a hardened version of the CentOS 7 64-bit Linux operating system.

Kernel-based Virtual Machine (KVM) is used as the virtualization platform.

 

Access to the appliance

 

 

PMA is accessible through SSH using your favorite terminal emulator. The appliance ships with two user accounts, Administrator and comcert. The Administrator user has been created to allow the end-user to safely shut down or reboot the appliance. The comcert user is reserved for COMCERT support engineers.

 # ssh -l Administrator <IPaddressPMA-65>

Access to the virtual machines

The virtual machines running on this appliance are accessible through SSH, HTTP and VNC.

  • SSH
# ssh -l TVadmin <IPaddressTVC>
# ssh -l TVadmin <IPaddressTVF>
  • HTTP

https://<IPaddressTVC>

https://<IPaddressTVF>

  • VNC

Console vTVC <IPaddressPMA-65>:9801

Console vTVF <IPaddressPMA-65>:9802

 

Reboot / Halt appliance

 

 

Shut down each instance properly:

[TVadmin@vtvc ~]$ sudo su -
Last login: Fri Oct  7 19:26:23 UTC 2016 on pts/0
[root@vtvc ~]# shutdown -h now
[TVadmin@vtvf ~]$ sudo su -
Last login: Fri Oct  7 19:26:23 UTC 2016 on pts/0
[root@vtvf ~]# shutdown -h now

Verify the instances are powered off:

[root@appliance ~]# virsh list --all
 

Now it is safe to shut down the appliance:

[root@appliance ~]# shutdown -h now

Alternatively, to reboot the appliance instead of halting it:

[root@appliance ~]# shutdown -r now

The instances are started automatically when the appliance boots.

 

Disable SSH login for root user

A best practice is to disable SSH login for the root user account. The example below creates a user account named customer with the example password s3cure!; choose a strong password of your own on a real appliance.

Add the user. The adduser command automatically creates the user, its initial group, and its home directory.

[root@appliance ~]# adduser customer
[root@appliance ~]# id customer
uid=1001(customer) gid=1001(customer) groups=1001(customer)
[root@appliance ~]# ls -lad /home/customer/
drwx------ 2 customer customer 4096 Jun 25 16:01 /home/customer/

Set the password for the customer user. When prompted, type and then retype the password.

[root@appliance ~]# passwd customer
Changing password for user customer.
New UNIX password: s3cure!
Retype new UNIX password: s3cure!
passwd: all authentication tokens updated successfully.
[root@appliance ~]#

To grant sudo permissions to the new user, add it to the wheel group:

[root@appliance ~]# usermod -aG wheel customer

SSH to the appliance as the new customer user and ensure that the login works.

[root@appliance ~]# ssh -l customer <IPaddressPMA-65>
customer@<IPaddressPMA-65>'s password: s3cure!
[customer@appliance ~]$

Verify that you can su (switch user) to root from the customer user.

[customer@appliance ~]$ sudo su -
Password: s3cure!
[root@appliance ~]# whoami
root

To disable root SSH login, edit /etc/ssh/sshd_config with your favorite text editor.

[root@appliance ~]# vi /etc/ssh/sshd_config

Change this line:

#PermitRootLogin yes

Change it to this (note that the leading # is removed):

PermitRootLogin no

Ensure that you are logged into the box with another shell before restarting sshd to avoid locking yourself out of the server.

[root@appliance ~]# systemctl restart sshd
[root@appliance ~]#

You will now be able to connect to your server via ssh with the customer user and then use the command sudo su - to switch to the root user.
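
The edit-and-verify step above as a script, added here as an example and not part of the original guide. The function names and the sample configuration are constructed; it relies on sshd keeping the first value it reads for a keyword and handles only the global section (lines before the first Match block).

```bash
#!/bin/sh
# Added example; function names and sample data are constructed.

# Print the PermitRootLogin value in effect for the global section of FILE.
# sshd keeps the first value it reads for a keyword; commented lines are ignored.
effective_root_login() {
    awk '
        { l = tolower($0) }
        l ~ /^[ \t]*match[ \t]/ { exit }                 # global section ends
        l ~ /^[ \t]*permitrootlogin[ \t=]/ {
            sub(/^[ \t]*[^ \t=]+[ \t=]+/, "", l); sub(/[ \t]+$/, "", l)
            print l; found = 1; exit
        }
        END { if (!found) print "unset" }
    ' "$1"
}

# Rewrite FILE so the global section has "PermitRootLogin no" as its only
# active PermitRootLogin line; the previous file is kept as FILE.bak.
disable_root_login() {
    _tmp=$(mktemp) || return 1
    awk '
        function emit() { if (!done) { print "PermitRootLogin no"; done = 1 } }
        { l = tolower($0) }
        !in_match && l ~ /^[ \t]*match[ \t]/ { emit(); in_match = 1 }
        !in_match && l ~ /^[ \t]*#?[ \t]*permitrootlogin[ \t=]/ {
            if (!done) { emit(); next }        # first hit becomes the setting
            if (l !~ /^[ \t]*#/) next          # drop later active duplicates
        }
        { print }
        END { emit() }                         # keyword was absent: append it
    ' "$1" > "$_tmp" || { rm -f "$_tmp"; return 1; }
    cp -p "$1" "$1.bak" && cat "$_tmp" > "$1"   # cat keeps owner and mode
    _rc=$?; rm -f "$_tmp"; return "$_rc"
}

# Constructed sample resembling a stock sshd_config with a stray override.
demo=$(mktemp)
printf '%s\n' '#Port 22' '#PermitRootLogin yes' 'PermitRootLogin yes' \
    'Match Address 192.0.2.0/24' '    PermitRootLogin yes' > "$demo"
echo "before: $(effective_root_login "$demo")"
disable_root_login "$demo"
echo "after:  $(effective_root_login "$demo")"
rm -f "$demo" "$demo.bak"
```

On the appliance, run the functions against /etc/ssh/sshd_config as root, check the result with sshd -t, and only then restart sshd with a second session still open. Settings inside Match blocks are left untouched and need a separate review.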