blog.kaniski.eu I just wanna learn!

4Sep/170

Deploying Linux machines by using System Center 2016: Virtual Machine Manager templates

In light of "Microsoft loves Linux" initiative, you can now deploy your Linux virtual machines by using templates in the System Center 2016: Virtual Machine Manager. As I was searching on how to do this (successfully), there were couple of articles that helped, so I’ve decided to do a short list of all the necessary steps (in one place).

Steps to make your Linux VM template deployments work:

  • create a new (Generation 2) virtual machine (as you would normally do)
  • install the Linux operating system in that virtual machine (as you would normally do)
    • HINT: A list of supported Linux distributions and versions on Hyper-V is available here.
  • install the Linux Integration Services (LIS) (as per this post):
    • open the "modules" file
    • add the following to the end of this file:
    • save it (Ctrl+X and Y)
    • install LIS and reboot the machine by using the following commands:
    • check if the services are running by using the command:
  • install the Virtual Machine Manager agent (as per this post):
    • share the folder C:\Program Files\Microsoft System Center 2016\Agents\Linux on your VMM machine
    • copy the VMM agent files to Linux virtual machine
      • as a real Windows admin, I did it through the GUI
    • install the agent:
  • fix the boot for Generation 2 virtual machine (boot information is by default stored in the VM configuration file, not on disk – Ben wrote a great article on this “issue”)
    • Ben’s way (didn’t work for me):
      • change directory to the boot EFI directory
      • copy the ubuntu directory in to a new directory named boot
      • change directory to the newly created boot directory
      • rename the shimx64.efi file
    • TriJetScud’s way in the comments (worked for me with Ubuntu 16.04 Generation 2 VM):
  • shutdown the virtual machine and copy its VHDX to the VMM Library
    • HINT: Don't forget to refresh the VMM Library.
  • go to the VMM Library, right-click the copied VHDX and select the Create VM template option
  • proceed with creating the template as you normally would, to the part Configure Operating System
    • HINT: If you are using Secure boot, don’t forget to select the MicrosoftUEFICertificateAuthority template in hardware settings.
  • there, under Guest OS profile, you select the option to create a new Linux operating system customization settings
  • next you specify your guest OS settings and finish creating the template
  • now you can create a new Linux virtual machine from the template you’ve configured!

Hope it helps!

Cheers!

15Jul/1410

Office 365 and BIND

And now… something completely different. Smile

The other day I was “playing” with setting up Office 365 for one of our clients – they have Linux machines for their DNS servers, and BIND as their DNS solution. As this was my first encounter with configuring BIND by myself, I just wanted to share steps I’ve taken to make it work (in my lab environment) – maybe it will help someone…

DISCLAIMER: I’m not a Linux/UNIX expert! I try to figure out what I need, and then try to make this work… with the help of Internet resources (or experts), of course. There is plenty of resources on how to do this already, but I like to have things in one place if I need them again. Smile

So, I’ve began my experiment with wondering which Linux distribution should I take. After some consulting (thanks, Ingrid Smile), the final choice was pretty easy – Fedora (criteria – had to be relatively easy to use (for non-Linux person like me), had to work in Hyper-V without much trouble, and there should be someone who can help if I got stuck). Smile

After a pretty simple installation process (wizard, Next, …, Next, Finish), I’ve had my Fedora box up and running.

image
Now, the more complicated part – setup this box to be BIND server, and load the correct records in it, so that Office 365 can add and verify my domain.

Here are the high-level steps (I’ve used Terminal, with su rights):

1. install few packages to get things up and running:

2. configure the BIND (DNS) server to run at startup:

3. query the firewall rules for UDP port 53 access:

4. open the required firewall ports (list of TCP and UDP ports):

5. edit the /etc/named.conf file:

6. comment the lines that are preventing your BIND server from responding to “outside” requests:

7. add your local subnet to allowed list (and add some forwarders for resolving other domains and records):

8. enable recursion:

9. add your zone and a “pointer” to your zone file:

10. create and edit the zone file specified:

11. add the required records to your zone file (by the instructions that Office 365 gives you; sorry about the formatting):

12. save the files, and check the new zone:

13. restart the service and start using it:

And Office 365 response after this – success! Smile

image
Things I’ve learned during this “adventure”:

  • you should be careful about the trailing “.” (dot) in FQDN-s that you are using – if you miss it somewhere, you’ll get errors loading the zone
  • there are great guides that can help you – one of them is BIND9 Server: How to (although I’ve seen it a bit too late Smile)
  • don’t be afraid to ask for help!

I cannot stress this enough – this recipe is not the secure way of doing things – it’s sole purpose is to make BIND work in my lab environment!

If I missed (or misunderstood) something, feel free to comment and correct me.

Cheers!

Updated (20160917): There was a tiny error in my zone file - switched priority and wieght fields (thank you, Lenny, for pointing it out).