Anything to watch out for??

tarionyx said:
Am I able to get a copy of DA to test in a VM, so that I can do a full test install?
Click to expand...
Interestingly enough, I answered this question earlier tonight.

Yes, you can but you'll need a public IP#, as DA won't install or run without it.

Jeff
 
yeah the public IP thing becomes the problem because I don't usually use network bridged mode in VMware, I use NAT because it seems to work better for me, and I can isolate the VM better.

Quick question though, I was installing CentOS in VM yesterday, and I did a minimal install, and it still installed samba, and a large number of packages. What do you usually do to get a server ready for DA?

Minimal install
remove samba
update?
put on public IP
ship/bring to datacenter
ssh/console in
install DA

voila?

Anything I'm missing because I'm going to finish building the server tonite, and get CentOS on it.
 
Remove everything you don't need - cups, pcmcia-cs, bluez-utils, isdn4kutils, ncsd, psacct, NetworkManager, netdump, kernel-utils, nfs-utils, portmap, tux, xorg-x11-libs, rhnlib, redhat-artwork, cups-libs, gamin.

For a DA system, remove other installed packages that DA will update itself.

then yum update.

I always leave in a local IP too, it doesn't hurt and its always easier when/if you have to bring it home.

I also do everything using ssh with key auth the moment I can, even on my own network - last thing you want is not to be able to connect once its far away.

I also install the firewall locally and make sure I can connect with my home IP.

I also install webmin just in case SSHD fails.
 
I have console access in the event that ssh doesn't work, but definitely some good suggestions!! :)

which firewall do you use on the system, and what do you use to configure it? I have minimal experience with linux/bsd firewalls, and more experience with cisco ACLs/PIX, etc
 
We use kiss or APF. Both are for linux, and both have been discussed on these forums.

Both work by controlling the iptables userspace access to netfilter.

Is netfilter compiled in to your linux kernel?

Jeff
 
jlasman said:
We use kiss or APF. Both are for linux, and both have been discussed on these forums.

Both work by controlling the iptables userspace access to netfilter.

Is netfilter compiled in to your linux kernel?

Jeff
Click to expand...

I'm not sure...I'm just about to start the minimal installation for CentOS :)
 
well, I went through it, and everything installed fine, I locked things down, installed APF+BFD and everything looked great. Shipped the server out yesterday.

However, I installed SELinux, and I just read on here that DA won't work with SELinux....what can I do???
 
well i think i just found something...

I can change /etc/selinux/config to read

SELINUX=permissive

and reboot....so i'm trying this with my VMWare install, and playing with snmpd
 
You must log in or register to reply here.
Back
Top