Datacenter Maintenance Outage Thursday @1am PST Login: Visitor LOGIN Help
Asset Management
Search 1083 records:
Search Retired         Batch Search
LIST ALL
     Profile

  Support Docs
  Activity Log

  System Info


Build Checklist
Retire Checklist

tron - Build Checklist
These followings is the checklist to build a Linux VM for the EXTRANET:

waingrow - 15/06/28
 1. Find available IP address in the master /etc/hosts

waingrow - 15/06/28
 2. Update the /etc/sysconfig/network-scripts/ifcfg-eth0 file to have appropriate values. Use an existing system as a guide.

waingrow - 15/06/28
 3. Update the /etc/sysconfig/network file to have appropriate values.

waingrow - 15/06/28
 4. Remove all entries from /etc/udev/rules.d/70-persistent-net.rules and then reboot the machine.

waingrow - 15/06/28
 5. Fix the timezone on the host by doing the following:

    a. rm /etc/localtime

    b. ln -s /usr/share/zoneinfo/US/{Eastern/Pacific} /etc/localtime


waingrow - 15/06/28
 6. Edit the /etc/resolv.conf to have proper values (use another system as a guide).

waingrow - 15/06/28
 7. Run yum update to get the system up to date. Make sure proper repos are in /etc/yum.repos.d directory first (get from another system).

waingrow - 15/06/28
 8. Send Request for a DNS Entry to be added.

waingrow - 15/06/28
 9. Set up tripwire.
    a. Uninstall teagent and TWeagent if they're installed.

    b. Go to /tmp/te_agent* directory.

    d. Run the te_agent.bin installer that is in the tripwire directory tree.

    f. Run /etc/init.d/twdaemon start

    g. ps -ef grep tripwire to make sure tripwire java program is running.


waingrow - 15/06/28
 10. Configuring a second partition if needed

waingrow - 15/06/28
 11. Update sshd_config to block Root logins and allow Nessie exception. 
    PermitRootLogin no
PubkeyAuthentication yes
    
ChallengeResponseAuthentication no
    
UsePAM yes
    
AllowTcpForwarding no
    
UseDNS no
    

    
Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,arcfour
    
	
    
# Disable Nessus scanner password auth so only PubKey will work.
    
Match User nessie
    
PasswordAuthentication no


waingrow - 15/06/28
 12. Update the /etc/sudoers file to allow SysAdmins to run root commands.

waingrow - 15/06/28
 13. Run setup and disable/enable unnecessary services.

waingrow - 15/06/28
 14. Install any additional software that customer requested.

waingrow - 15/06/28
 15. MAKE A BACKUP!

waingrow - 15/06/28
 16. Configure system for Nagios.

waingrow - 15/06/28
 17. Send email to SysAdmins asking for one of them to vet the system.

waingrow - 15/06/28
 18. SysAdmin has completed vetting the system.

waingrow - 15/06/28
 19. Make sure the proper root password is set.

waingrow - 15/07/01
 20. Verify with customer that everything is correct on the system.

waingrow - 15/07/01
 21. Update as much information in KASM as possible for the profile of the server.

waingrow - 15/07/01
 22. Turn the system over to the customer as delivered