Repte 2.3: Desplegament amb Vagrant
Per fer aquesta tasca has de tenir en compte el rang d’IP, les màquines assignades a cada persona i quina configuració necessita cada màquina:
Un cop tenim això en compte, ja podem començar a crear la Vagrantfile. Nosaltres ja en teníem una, així que vam partir d’aquella i hi vam afegir configuracions extres, com ara les rutes o la configuració del DHCP. A més, com que la Vagrantfile ha de ser igual per a tothom, vam definir les 4 màquines de DHCP a l’arxiu, però deixant l’arxiu dhcpd.conf a l’ordinador de cadascú, per estalviar temps.
Vagrant.configure("2") do |config|
# =================================================
# ROUTER hbarbera - 172.100.100.1
# =================================================
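config.vm.define "router_2" do |router_2|
  # Gateway VM for the 172.100.100.0/27 segment. It gets a bridged NIC
  # (172.25.202.12/16) and an internal-network NIC (172.100.100.1) on
  # "red_interna", then is provisioned as a NAT router and DHCP server.
  #
  # NOTE(review): 172.100.100.0/27 is outside the RFC 1918 private ranges
  # (172.16.0.0/12 ends at 172.31.255.255), so it shadows publicly routable
  # addresses; renumbering would also have to be reflected in dhcpd.conf.
  # NOTE(review): "debian" is an un-namespaced box name, presumably a locally
  # added box; verify where it came from before trusting it as a gateway.
  router_2.vm.box = "debian"
  router_2.vm.hostname = "gateway-hector"
  router_2.vm.network "public_network", ip: "172.25.202.12", netmask: "255.255.0.0"
  router_2.vm.network "private_network", ip: "172.100.100.1", netmask: "255.255.255.224", virtualbox__intnet: "red_interna"

  router_2.vm.provider "virtualbox" do |vb|
    # NOTE(review): every router definition in this Vagrantfile uses this same
    # VirtualBox name, so only one of them can exist on a given host.
    vb.name = "MV_DEBIAN_ROUTER"
    vb.memory = 1024
    vb.cpus = 1
    # Switch adapters 2-4 to the virtio NIC type.
    vb.customize ["modifyvm", :id, "--nictype2", "virtio"]
    vb.customize ["modifyvm", :id, "--nictype3", "virtio"]
    vb.customize ["modifyvm", :id, "--nictype4", "virtio"]
  end

  # The host-side dhcpd.conf is staged in /tmp; the shell step below copies it
  # into /etc/dhcp.
  router_2.vm.provision "file", source: "dhcpd.conf", destination: "/tmp/dhcpd.conf"

  # Assumes enp0s8 is the bridged NIC and enp0s9 the internal one - TODO confirm
  # against the box.
  # NOTE(review): only a NAT rule is installed; no FORWARD-chain policy is set
  # here, so what gets forwarded between the bridged LAN and the internal
  # segment depends on the box defaults. Confirm and restrict if needed.
  router_2.vm.provision "shell", inline: <<~BASH
    # Append the forwarding setting only once so re-provisioning does not
    # pile up duplicate lines in sysctl.conf.
    grep -qxF 'net.ipv4.ip_forward=1' /etc/sysctl.conf || echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
    sysctl -p
    ip route del default || true
    ip route add default via 172.25.130.254 dev enp0s8
    echo "nameserver 172.25.130.254" > /etc/resolv.conf
    # policy-rc.d returning 101 forbids service starts while packages install.
    printf '#!/bin/sh\nexit 101\n' > /usr/sbin/policy-rc.d
    chmod +x /usr/sbin/policy-rc.d
    echo "iptables-persistent iptables-persistent/autosave_v4 boolean true" | debconf-set-selections
    echo "iptables-persistent iptables-persistent/autosave_v6 boolean false" | debconf-set-selections
    DEBIAN_FRONTEND=noninteractive apt-get update
    DEBIAN_FRONTEND=noninteractive apt-get install -y iptables-persistent isc-dhcp-server
    rm -f /usr/sbin/policy-rc.d
    mkdir -p /etc/iptables
    # Add the masquerade rule only if it is missing, so the saved ruleset
    # does not accumulate duplicates on every provision run.
    iptables -t nat -C POSTROUTING -o enp0s8 -j MASQUERADE 2>/dev/null || iptables -t nat -A POSTROUTING -o enp0s8 -j MASQUERADE
    iptables-save > /etc/iptables/rules.v4
    sed -i 's/INTERFACESv4=""/INTERFACESv4="enp0s9"/' /etc/default/isc-dhcp-server
    cp /tmp/dhcpd.conf /etc/dhcp/dhcpd.conf
    systemctl restart isc-dhcp-server
  BASH
end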
# Debian DMZ -> router_2 (172.100.100.1)
config.vm.define("debiandmz") do |node|
  # DMZ Debian guest: takes a DHCP lease on the "red_interna" internal network
  # and is pointed at 172.100.100.1 as its default gateway.
  node.vm.box = "debiandmz"
  node.vm.communicator = "ssh"
  node.vm.network(
    "private_network",
    type: "dhcp",
    virtualbox__intnet: "red_interna"
  )

  node.vm.provider("virtualbox") do |vbox|
    vbox.name = "MV_DEBIANDMZ"
    vbox.memory = 4096
    vbox.cpus = 4
  end

  # Drops one existing default route (ignoring failure) and installs the
  # router as default gateway. Assumes enp0s8 is the internal NIC - TODO
  # confirm. The route is set at provision time only.
  gateway_script = <<~SHELL
    ip route del default || true
    ip route add default via 172.100.100.1 dev enp0s8
  SHELL
  node.vm.provision("shell", inline: gateway_script)
end
# =================================================
# ROUTER clozano - 10.0.0.1
# =================================================
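config.vm.define "router_9" do |router_9|
  # Gateway VM for the 10.0.0.0/8 segment. It gets a bridged NIC
  # (172.25.209.12/16) and an internal-network NIC (10.0.0.1) on
  # "red_interna", then is provisioned as a NAT router and DHCP server.
  #
  # NOTE(review): "debian" is an un-namespaced box name, presumably a locally
  # added box; verify where it came from before trusting it as a gateway.
  router_9.vm.box = "debian"
  router_9.vm.hostname = "gateway-cristian"
  router_9.vm.network "public_network", ip: "172.25.209.12", netmask: "255.255.0.0"
  router_9.vm.network "private_network", ip: "10.0.0.1", netmask: "255.0.0.0", virtualbox__intnet: "red_interna"

  router_9.vm.provider "virtualbox" do |vb|
    # NOTE(review): every router definition in this Vagrantfile uses this same
    # VirtualBox name, so only one of them can exist on a given host.
    vb.name = "MV_DEBIAN_ROUTER"
    vb.memory = 1024
    vb.cpus = 1
    # Switch adapters 2-4 to the virtio NIC type.
    vb.customize ["modifyvm", :id, "--nictype2", "virtio"]
    vb.customize ["modifyvm", :id, "--nictype3", "virtio"]
    vb.customize ["modifyvm", :id, "--nictype4", "virtio"]
  end

  # The host-side dhcpd.conf is staged in /tmp; the shell step below copies it
  # into /etc/dhcp.
  router_9.vm.provision "file", source: "dhcpd.conf", destination: "/tmp/dhcpd.conf"

  # Assumes enp0s8 is the bridged NIC and enp0s9 the internal one - TODO confirm
  # against the box.
  # NOTE(review): only a NAT rule is installed; no FORWARD-chain policy is set
  # here, so what gets forwarded between the bridged LAN and the internal
  # segment depends on the box defaults. Confirm and restrict if needed.
  router_9.vm.provision "shell", inline: <<~BASH
    # Append the forwarding setting only once so re-provisioning does not
    # pile up duplicate lines in sysctl.conf.
    grep -qxF 'net.ipv4.ip_forward=1' /etc/sysctl.conf || echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
    sysctl -p
    ip route del default || true
    ip route add default via 172.25.130.254 dev enp0s8
    echo "nameserver 172.25.130.254" > /etc/resolv.conf
    # policy-rc.d returning 101 forbids service starts while packages install.
    printf '#!/bin/sh\nexit 101\n' > /usr/sbin/policy-rc.d
    chmod +x /usr/sbin/policy-rc.d
    echo "iptables-persistent iptables-persistent/autosave_v4 boolean true" | debconf-set-selections
    echo "iptables-persistent iptables-persistent/autosave_v6 boolean false" | debconf-set-selections
    DEBIAN_FRONTEND=noninteractive apt-get update
    DEBIAN_FRONTEND=noninteractive apt-get install -y iptables-persistent isc-dhcp-server
    rm -f /usr/sbin/policy-rc.d
    mkdir -p /etc/iptables
    # Add the masquerade rule only if it is missing, so the saved ruleset
    # does not accumulate duplicates on every provision run.
    iptables -t nat -C POSTROUTING -o enp0s8 -j MASQUERADE 2>/dev/null || iptables -t nat -A POSTROUTING -o enp0s8 -j MASQUERADE
    iptables-save > /etc/iptables/rules.v4
    sed -i 's/INTERFACESv4=""/INTERFACESv4="enp0s9"/' /etc/default/isc-dhcp-server
    cp /tmp/dhcpd.conf /etc/dhcp/dhcpd.conf
    systemctl restart isc-dhcp-server
  BASH
end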
# Rocky Client -> router_9 (10.0.0.1)
config.vm.define("rocky_client") do |node|
  # Rocky client: DHCP lease on "red_interna", default gateway 10.0.0.1, and a
  # graphical desktop installed during provisioning.
  guest = node.vm
  guest.box = "rocky_client"
  guest.communicator = "ssh"
  guest.network("private_network", type: "dhcp", virtualbox__intnet: "red_interna")

  guest.provider("virtualbox") do |vbox|
    vbox.name = "MV_ROCKY_CLIENT"
    vbox.memory = 2048
    vbox.cpus = 2
  end

  # First re-points the default route at the router (assumes enp0s8 is the
  # internal NIC - TODO confirm), then installs the "Server with GUI" package
  # group and switches the default and running target to graphical.
  setup_script = <<~SHELL
    ip route del default || true
    ip route add default via 10.0.0.1 dev enp0s8
    dnf groupinstall "Server with GUI" -y
    systemctl set-default graphical.target
    systemctl start graphical.target
  SHELL
  guest.provision("shell", inline: setup_script)
end
# Ubuntu Client -> router_9 (10.0.0.1)
config.vm.define("ubuntu") do |node|
  # Ubuntu client: DHCP lease on the "red_interna" internal network, default
  # gateway set to 10.0.0.1.
  node.vm.box = "ubuntu"
  node.vm.communicator = "ssh"
  node.vm.network(
    "private_network",
    type: "dhcp",
    virtualbox__intnet: "red_interna"
  )

  node.vm.provider("virtualbox") do |vbox|
    vbox.name = "MV_UBUNTU_CLIENT"
    vbox.memory = 4096
    vbox.cpus = 4
  end

  # Drops one existing default route (ignoring failure) and installs the
  # router as default gateway. Assumes enp0s8 is the internal NIC - TODO
  # confirm. The route is set at provision time only.
  gateway_script = <<~SHELL
    ip route del default || true
    ip route add default via 10.0.0.1 dev enp0s8
  SHELL
  node.vm.provision("shell", inline: gateway_script)
end
# Windows 10 Client -> router_9 (10.0.0.1)
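config.vm.define "w10" do |w10|
  # Windows 10 client managed over WinRM: DHCP lease on "red_interna", default
  # route pointed at 10.0.0.1.
  w10.vm.box = "w10"
  w10.vm.communicator = "winrm"
  # WinRM credentials default to the well-known vagrant/vagrant pair, which
  # anyone who can reach the guest's WinRM listener also knows. They can be
  # overridden from the environment (LAB_WINRM_USERNAME / LAB_WINRM_PASSWORD,
  # names introduced by this file) so a changed password is never committed to
  # the shared Vagrantfile.
  w10.winrm.username = ENV.fetch("LAB_WINRM_USERNAME", "vagrant")
  w10.winrm.password = ENV.fetch("LAB_WINRM_PASSWORD", "vagrant")
  w10.vm.network "private_network", type: "dhcp", virtualbox__intnet: "red_interna"

  w10.vm.provider "virtualbox" do |vb|
    vb.name = "MV_W10_CLIENT"
    vb.memory = 4096
    vb.cpus = 4
    # Show the VM console window instead of running headless.
    vb.gui = true
  end

  # Removes any existing 0.0.0.0/0 route (errors silenced) and adds one through
  # the router. "Ethernet 2" is assumed to be the internal adapter - TODO
  # confirm inside the box.
  w10.vm.provision "shell", inline: <<~POWERSHELL, privileged: true
    Remove-NetRoute -DestinationPrefix "0.0.0.0/0" -Confirm:$false -ErrorAction SilentlyContinue
    New-NetRoute -DestinationPrefix "0.0.0.0/0" -NextHop "10.0.0.1" -InterfaceAlias "Ethernet 2"
  POWERSHELL
end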
# =================================================
# ROUTER alozano - 192.168.226.65
# =================================================
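config.vm.define "router_0" do |router_0|
  # Gateway VM for the 192.168.226.64/28 segment. It gets a bridged NIC
  # (172.25.210.12/16) and an internal-network NIC (192.168.226.65) on
  # "red_interna", then is provisioned as a NAT router and DHCP server.
  #
  # NOTE(review): "debian" is an un-namespaced box name, presumably a locally
  # added box; verify where it came from before trusting it as a gateway.
  router_0.vm.box = "debian"
  router_0.vm.hostname = "gateway-andres"
  router_0.vm.network "public_network", ip: "172.25.210.12", netmask: "255.255.0.0"
  router_0.vm.network "private_network", ip: "192.168.226.65", netmask: "255.255.255.240", virtualbox__intnet: "red_interna"

  router_0.vm.provider "virtualbox" do |vb|
    # NOTE(review): every router definition in this Vagrantfile uses this same
    # VirtualBox name, so only one of them can exist on a given host.
    vb.name = "MV_DEBIAN_ROUTER"
    vb.memory = 1024
    vb.cpus = 1
    # Switch adapters 2-4 to the virtio NIC type.
    vb.customize ["modifyvm", :id, "--nictype2", "virtio"]
    vb.customize ["modifyvm", :id, "--nictype3", "virtio"]
    vb.customize ["modifyvm", :id, "--nictype4", "virtio"]
  end

  # The host-side dhcpd.conf is staged in /tmp; the shell step below copies it
  # into /etc/dhcp.
  router_0.vm.provision "file", source: "dhcpd.conf", destination: "/tmp/dhcpd.conf"

  # Assumes enp0s8 is the bridged NIC and enp0s9 the internal one - TODO confirm
  # against the box.
  # NOTE(review): only a NAT rule is installed; no FORWARD-chain policy is set
  # here, so what gets forwarded between the bridged LAN and the internal
  # segment depends on the box defaults. Confirm and restrict if needed.
  router_0.vm.provision "shell", inline: <<~BASH
    # Append the forwarding setting only once so re-provisioning does not
    # pile up duplicate lines in sysctl.conf.
    grep -qxF 'net.ipv4.ip_forward=1' /etc/sysctl.conf || echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
    sysctl -p
    ip route del default || true
    ip route add default via 172.25.130.254 dev enp0s8
    echo "nameserver 172.25.130.254" > /etc/resolv.conf
    # policy-rc.d returning 101 forbids service starts while packages install.
    printf '#!/bin/sh\nexit 101\n' > /usr/sbin/policy-rc.d
    chmod +x /usr/sbin/policy-rc.d
    echo "iptables-persistent iptables-persistent/autosave_v4 boolean true" | debconf-set-selections
    echo "iptables-persistent iptables-persistent/autosave_v6 boolean false" | debconf-set-selections
    DEBIAN_FRONTEND=noninteractive apt-get update
    DEBIAN_FRONTEND=noninteractive apt-get install -y iptables-persistent isc-dhcp-server
    rm -f /usr/sbin/policy-rc.d
    mkdir -p /etc/iptables
    # Add the masquerade rule only if it is missing, so the saved ruleset
    # does not accumulate duplicates on every provision run.
    iptables -t nat -C POSTROUTING -o enp0s8 -j MASQUERADE 2>/dev/null || iptables -t nat -A POSTROUTING -o enp0s8 -j MASQUERADE
    iptables-save > /etc/iptables/rules.v4
    sed -i 's/INTERFACESv4=""/INTERFACESv4="enp0s9"/' /etc/default/isc-dhcp-server
    cp /tmp/dhcpd.conf /etc/dhcp/dhcpd.conf
    systemctl restart isc-dhcp-server
  BASH
end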
# Debian DNS -> router_0 (192.168.226.65)
config.vm.define("debiandns") do |node|
  # DNS Debian guest: DHCP lease on "red_interna", default gateway
  # 192.168.226.65.
  guest = node.vm
  guest.box = "debiandns"
  guest.communicator = "ssh"
  guest.network("private_network", type: "dhcp", virtualbox__intnet: "red_interna")

  guest.provider("virtualbox") do |vbox|
    vbox.name = "MV_DEBIANDNS"
    vbox.memory = 2048
    vbox.cpus = 2
  end

  # Replace the default route so traffic leaves through the router. Assumes
  # enp0s8 is the internal NIC - TODO confirm.
  route_script = <<~SHELL
    ip route del default || true
    ip route add default via 192.168.226.65 dev enp0s8
  SHELL
  guest.provision("shell", inline: route_script)
end
# Debian Slave -> router_0 (192.168.226.65)
config.vm.define("debianslave") do |node|
  # Secondary Debian guest: DHCP lease on "red_interna", default gateway
  # 192.168.226.65.
  node.vm.box = "debianslave"
  node.vm.communicator = "ssh"
  node.vm.network(
    "private_network",
    type: "dhcp",
    virtualbox__intnet: "red_interna"
  )

  node.vm.provider("virtualbox") do |vbox|
    vbox.name = "MV_DEBIANSLAVE"
    vbox.memory = 2048
    vbox.cpus = 2
  end

  # Drops one existing default route (ignoring failure) and installs the
  # router as default gateway. Assumes enp0s8 is the internal NIC - TODO
  # confirm.
  gateway_script = <<~SHELL
    ip route del default || true
    ip route add default via 192.168.226.65 dev enp0s8
  SHELL
  node.vm.provision("shell", inline: gateway_script)
end
# Debian LDAP -> router_0 (192.168.226.65)
config.vm.define("debianldap") do |node|
  # LDAP Debian guest: DHCP lease on "red_interna", default gateway
  # 192.168.226.65.
  guest = node.vm
  guest.box = "debianldap"
  guest.communicator = "ssh"
  guest.network("private_network", type: "dhcp", virtualbox__intnet: "red_interna")

  guest.provider("virtualbox") do |vbox|
    vbox.name = "MV_DEBIANLDAP"
    vbox.memory = 2048
    vbox.cpus = 2
  end

  # Replace the default route so traffic leaves through the router. Assumes
  # enp0s8 is the internal NIC - TODO confirm.
  route_script = <<~SHELL
    ip route del default || true
    ip route add default via 192.168.226.65 dev enp0s8
  SHELL
  guest.provision("shell", inline: route_script)
end
# Rocky FTP -> router_0 (192.168.226.65)
config.vm.define("rockyFTP") do |node|
  # FTP Rocky guest: DHCP lease on "red_interna", default gateway
  # 192.168.226.65.
  node.vm.box = "rockyFTP"
  node.vm.communicator = "ssh"
  node.vm.network(
    "private_network",
    type: "dhcp",
    virtualbox__intnet: "red_interna"
  )

  node.vm.provider("virtualbox") do |vbox|
    vbox.name = "MV_ROCKYFTP"
    vbox.memory = 1024
    vbox.cpus = 1
  end

  # Drops one existing default route (ignoring failure) and installs the
  # router as default gateway. Assumes enp0s8 is the internal NIC - TODO
  # confirm.
  gateway_script = <<~SHELL
    ip route del default || true
    ip route add default via 192.168.226.65 dev enp0s8
  SHELL
  node.vm.provision("shell", inline: gateway_script)
end
# Rocky NFS -> router_0 (192.168.226.65)
config.vm.define("rockyNFS") do |node|
  # NFS Rocky guest: DHCP lease on "red_interna", default gateway
  # 192.168.226.65.
  guest = node.vm
  guest.box = "rockyNFS"
  guest.communicator = "ssh"
  guest.network("private_network", type: "dhcp", virtualbox__intnet: "red_interna")

  guest.provider("virtualbox") do |vbox|
    vbox.name = "MV_ROCKYNFS"
    vbox.memory = 1024
    vbox.cpus = 1
  end

  # Replace the default route so traffic leaves through the router. Assumes
  # enp0s8 is the internal NIC - TODO confirm.
  route_script = <<~SHELL
    ip route del default || true
    ip route add default via 192.168.226.65 dev enp0s8
  SHELL
  guest.provision("shell", inline: route_script)
end
# =================================================
# ROUTER aborrego - 192.168.226.1
# =================================================
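config.vm.define "router_3" do |router_3|
  # Gateway VM for the 192.168.226.0/26 segment. It gets a bridged NIC
  # (172.25.203.12/16) and an internal-network NIC (192.168.226.1) on
  # "red_interna", then is provisioned as a NAT router and DHCP server.
  #
  # NOTE(review): "debian" is an un-namespaced box name, presumably a locally
  # added box; verify where it came from before trusting it as a gateway.
  router_3.vm.box = "debian"
  router_3.vm.hostname = "gateway-ana"
  router_3.vm.network "public_network", ip: "172.25.203.12", netmask: "255.255.0.0"
  router_3.vm.network "private_network", ip: "192.168.226.1", netmask: "255.255.255.192", virtualbox__intnet: "red_interna"

  router_3.vm.provider "virtualbox" do |vb|
    # NOTE(review): every router definition in this Vagrantfile uses this same
    # VirtualBox name, so only one of them can exist on a given host.
    vb.name = "MV_DEBIAN_ROUTER"
    vb.memory = 1024
    vb.cpus = 1
    # Switch adapters 2-4 to the virtio NIC type.
    vb.customize ["modifyvm", :id, "--nictype2", "virtio"]
    vb.customize ["modifyvm", :id, "--nictype3", "virtio"]
    vb.customize ["modifyvm", :id, "--nictype4", "virtio"]
  end

  # The host-side dhcpd.conf is staged in /tmp; the shell step below copies it
  # into /etc/dhcp.
  router_3.vm.provision "file", source: "dhcpd.conf", destination: "/tmp/dhcpd.conf"

  # Assumes enp0s8 is the bridged NIC and enp0s9 the internal one - TODO confirm
  # against the box.
  # NOTE(review): only a NAT rule is installed; no FORWARD-chain policy is set
  # here, so what gets forwarded between the bridged LAN and the internal
  # segment depends on the box defaults. Confirm and restrict if needed.
  router_3.vm.provision "shell", inline: <<~BASH
    # Append the forwarding setting only once so re-provisioning does not
    # pile up duplicate lines in sysctl.conf.
    grep -qxF 'net.ipv4.ip_forward=1' /etc/sysctl.conf || echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
    sysctl -p
    ip route del default || true
    ip route add default via 172.25.130.254 dev enp0s8
    echo "nameserver 172.25.130.254" > /etc/resolv.conf
    # policy-rc.d returning 101 forbids service starts while packages install.
    printf '#!/bin/sh\nexit 101\n' > /usr/sbin/policy-rc.d
    chmod +x /usr/sbin/policy-rc.d
    echo "iptables-persistent iptables-persistent/autosave_v4 boolean true" | debconf-set-selections
    echo "iptables-persistent iptables-persistent/autosave_v6 boolean false" | debconf-set-selections
    DEBIAN_FRONTEND=noninteractive apt-get update
    DEBIAN_FRONTEND=noninteractive apt-get install -y iptables-persistent isc-dhcp-server
    rm -f /usr/sbin/policy-rc.d
    mkdir -p /etc/iptables
    # Add the masquerade rule only if it is missing, so the saved ruleset
    # does not accumulate duplicates on every provision run.
    iptables -t nat -C POSTROUTING -o enp0s8 -j MASQUERADE 2>/dev/null || iptables -t nat -A POSTROUTING -o enp0s8 -j MASQUERADE
    iptables-save > /etc/iptables/rules.v4
    sed -i 's/INTERFACESv4=""/INTERFACESv4="enp0s9"/' /etc/default/isc-dhcp-server
    cp /tmp/dhcpd.conf /etc/dhcp/dhcpd.conf
    systemctl restart isc-dhcp-server
  BASH
end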
# Debian lab -> router_3 (192.168.226.1)
config.vm.define("debianlab") do |node|
  # Debian lab guest: DHCP lease on "red_interna", default gateway
  # 192.168.226.1.
  node.vm.box = "debianlab"
  node.vm.communicator = "ssh"
  node.vm.network(
    "private_network",
    type: "dhcp",
    virtualbox__intnet: "red_interna"
  )

  node.vm.provider("virtualbox") do |vbox|
    vbox.name = "MV_DEBIAN_LAB"
    vbox.memory = 2048
    vbox.cpus = 2
  end

  # Drops one existing default route (ignoring failure) and installs the
  # router as default gateway. Assumes enp0s8 is the internal NIC - TODO
  # confirm.
  gateway_script = <<~SHELL
    ip route del default || true
    ip route add default via 192.168.226.1 dev enp0s8
  SHELL
  node.vm.provision("shell", inline: gateway_script)
end
# Rocky lab -> router_3 (192.168.226.1)
config.vm.define("rockylab") do |node|
  # Rocky lab guest: DHCP lease on "red_interna", default gateway
  # 192.168.226.1.
  guest = node.vm
  guest.box = "rockylab"
  guest.communicator = "ssh"
  guest.network("private_network", type: "dhcp", virtualbox__intnet: "red_interna")

  guest.provider("virtualbox") do |vbox|
    vbox.name = "MV_ROCKY_LAB"
    vbox.memory = 1024
    vbox.cpus = 1
  end

  # Replace the default route so traffic leaves through the router. Assumes
  # enp0s8 is the internal NIC - TODO confirm.
  route_script = <<~SHELL
    ip route del default || true
    ip route add default via 192.168.226.1 dev enp0s8
  SHELL
  guest.provision("shell", inline: route_script)
end
# Rocky lab GUI -> router_3 (192.168.226.1)
config.vm.define("rockylabgui") do |node|
  # Rocky lab guest (GUI box): DHCP lease on "red_interna", default gateway
  # 192.168.226.1.
  node.vm.box = "rockylabgui"
  node.vm.communicator = "ssh"
  node.vm.network(
    "private_network",
    type: "dhcp",
    virtualbox__intnet: "red_interna"
  )

  node.vm.provider("virtualbox") do |vbox|
    vbox.name = "MV_ROCKY_LAB_GUI"
    vbox.memory = 2048
    vbox.cpus = 2
  end

  # Drops one existing default route (ignoring failure) and installs the
  # router as default gateway. Assumes enp0s8 is the internal NIC - TODO
  # confirm.
  gateway_script = <<~SHELL
    ip route del default || true
    ip route add default via 192.168.226.1 dev enp0s8
  SHELL
  node.vm.provision("shell", inline: gateway_script)
end
# Ubuntu lab -> router_3 (192.168.226.1)
config.vm.define("ubuntulab") do |node|
  # Ubuntu lab guest: DHCP lease on "red_interna", default gateway
  # 192.168.226.1.
  guest = node.vm
  guest.box = "ubuntulab"
  guest.communicator = "ssh"
  guest.network("private_network", type: "dhcp", virtualbox__intnet: "red_interna")

  guest.provider("virtualbox") do |vbox|
    vbox.name = "MV_UBUNTU_LAB"
    vbox.memory = 4096
    vbox.cpus = 4
  end

  # Replace the default route so traffic leaves through the router. Assumes
  # enp0s8 is the internal NIC - TODO confirm.
  route_script = <<~SHELL
    ip route del default || true
    ip route add default via 192.168.226.1 dev enp0s8
  SHELL
  guest.provision("shell", inline: route_script)
end
# Windows 10 lab -> router_3 (192.168.226.1)
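config.vm.define "w10lab" do |w10lab|
  # Windows 10 lab guest managed over WinRM: DHCP lease on "red_interna",
  # default route pointed at 192.168.226.1.
  w10lab.vm.box = "w10lab"
  w10lab.vm.communicator = "winrm"
  # WinRM credentials default to the well-known vagrant/vagrant pair, which
  # anyone who can reach the guest's WinRM listener also knows. They can be
  # overridden from the environment (LAB_WINRM_USERNAME / LAB_WINRM_PASSWORD,
  # names introduced by this file) so a changed password is never committed to
  # the shared Vagrantfile.
  w10lab.winrm.username = ENV.fetch("LAB_WINRM_USERNAME", "vagrant")
  w10lab.winrm.password = ENV.fetch("LAB_WINRM_PASSWORD", "vagrant")
  w10lab.vm.network "private_network", type: "dhcp", virtualbox__intnet: "red_interna"

  w10lab.vm.provider "virtualbox" do |vb|
    vb.name = "MV_W10_LAB"
    vb.memory = 4096
    vb.cpus = 4
    # Show the VM console window instead of running headless.
    vb.gui = true
  end

  # Removes any existing 0.0.0.0/0 route (errors silenced) and adds one through
  # the router. "Ethernet 2" is assumed to be the internal adapter - TODO
  # confirm inside the box.
  w10lab.vm.provision "shell", inline: <<~POWERSHELL, privileged: true
    Remove-NetRoute -DestinationPrefix "0.0.0.0/0" -Confirm:$false -ErrorAction SilentlyContinue
    New-NetRoute -DestinationPrefix "0.0.0.0/0" -NextHop "192.168.226.1" -InterfaceAlias "Ethernet 2"
  POWERSHELL
end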
end