Bring Omarine to a cloud

If you prefer, you can upload Omarine to a cloud such as Google Cloud and run it on a virtual machine. The steps are as follows:

1. Prepare a blank hard disk

This hard disk may be a USB hard disk, say /dev/sdc. Create a partition of size 10GiB – 1MiB, for example, so that the disk space used is exactly 10GiB:

sudo parted /dev/sdc mkpart primary ext4 1MiB 10240MiB

2. Create the ext4 filesystem on that partition, labeled omarine-cloud for example:

sudo mkfs.ext4 -L omarine-cloud /dev/sdc1

3. Install Omarine on that partition

a. For a small disk image, you only need to install the minimum packages. Change to the packages directory and execute:

sudo mount /dev/sdc1 /mnt &&
for dir in 00-core 00-sys 01-base 01-floor 04-net; do \
    pushd $dir; \
    for file in *; do \
        sudo rpm --root /mnt -i --nodeps --force $file; done; \
    popd; \
done

sudo rpm --root /mnt -i ./01-qt/json-c-0.12.1-1.x86_64.rpm &&
sudo rpm --root /mnt -i ./02-kde/lmdb-0.9.21-1.x86_64.rpm &&
sudo rpm --root /mnt -i ./02-util/lynx-2.8.8-1.x86_64.rpm --nodeps &&
sudo rpm --root /mnt ./04-net/bind-9.11.2-1.x86_64.rpm --reinstall &&
sudo rpm --root /mnt -i ./02-util/sudo-1.8.20-1.x86_64.rpm &&
sudo rpm --root /mnt -i ./03-x/openssh-7.5-1.x86_64.rpm &&
sudo rpm --root /mnt -i ./01-qt/libaio-0.3.110-1.x86_64.rpm &&
sudo rpm --root /mnt -i ./01-qt/unixODBC-2.3.4-1.x86_64.rpm &&
sudo rpm --root /mnt -i ./02-util/apr-1.6.2-1.x86_64.rpm &&
sudo rpm --root /mnt -i ./02-util/apr-util-1.6.0-1.x86_64.rpm &&
sudo rpm --root /mnt -i ./02-util/libevent-2.1.8-1.x86_64.rpm &&
sudo rpm --root /mnt -i ./02-util/net-tools-20101030-1.x86_64.rpm &&
sudo rpm --root /mnt -i ./02-util/wget-1.19.1-1.x86_64.rpm &&
sudo rpm --root /mnt -i ./03-x/httpd-2.4.27-1.x86_64.rpm &&
sudo rpm --root /mnt -i ./06-ap/mysql-5.7.19-1.x86_64.rpm --nodeps &&
sudo rpm --root /mnt -i ./06-ap/php-7.1.8-3.x86_64.rpm

Later, when running Omarine in the cloud, you can install additional packages.

b. Set the password for root and add a normal user, for example tuyen:

sudo chroot /mnt passwd root &&
sudo chroot /mnt useradd -m tuyen &&
sudo chroot /mnt usermod -a -G wheel tuyen &&
sudo chroot /mnt passwd tuyen

c. Create the fstab file:

sudo tee /mnt/etc/fstab << EOF
/dev/sdc1 / ext4 defaults 1 1
EOF

d. Update grub to boot the new operating system later:

sudo grub-mkconfig -o /boot/grub/grub.cfg

e. Create a .profile file to list files and directories with color:

tee /mnt/home/tuyen/.profile << EOF
alias ls='ls -F -b -T 0 --color=auto'
EOF

f. Modify /etc/default/grub:

sudo sed -e 's,38400n8\s,38400n8d ,' \
         -e '/GRUB_TIMEOUT/s,=[0-9]\+$,=0,' \
         -e '/GRUB_HIDDEN_TIMEOUT_QUIET/s,^#,,' \
         -e '/GRUB_HIDDEN_TIMEOUT=/s,^#,,' \
         -i /mnt/etc/default/grub

g. Open the firewall for ssh server:

sudo sed '/--sport 67/a \\n /sbin/iptables -A INPUT -p tcp --dport 22 -j ACCEPT' \
         -i /mnt/lib/systemd/firewall

h. Open the firewall for web server on port 80:

sudo sed '/--sport 67/a \\n /sbin/iptables -A INPUT -p tcp --dport 80 -j ACCEPT' \
         -i /mnt/lib/systemd/firewall

i. Disable ipstatic service because we use IP address assignment from the cloud:

sudo chroot /mnt systemctl disable ipstatic

j. Prevent some kernel messages including firewall messages from displaying to the console:

sudo tee /mnt/etc/rc.local << EOF
#!/bin/sh

dmesg -n 3
EOF

4. Run the new Omarine operating system

a. Initialize the host keys for the ssh server and start the server:

sudo ssh-keygen -A &&
sudo systemctl enable ssh &&
sudo systemctl start ssh 

In addition, create the ssh configuration directory for the current user:

mkdir -p ~/.ssh

b. Run web server:

sudo mkdir -p /var/log/httpd &&
sudo systemctl enable httpd &&
sudo systemctl start httpd

c. Install grub on /dev/sdc which is intended to be used as a boot disk in the cloud, and create the grub configuration file:

sudo grub-install /dev/sdc &&
sudo grub-mkconfig -o /boot/grub/grub.cfg

d. Modify the file system table to refer to the partition by UUID rather than by device name, because the cloud will assign the device a different name while preserving the UUID:

sudo sed 's,/dev/sdc1,UUID='$(sudo grub-probe --target=fs_uuid /)',' \
         -i /etc/fstab

5. Create and compress boot image

Suppose we have a partition /dev/sdb5 and want to create an image of the running system and save it to this partition:

sudo mount /dev/sdb5 /mnt
sudo dd if=/dev/sdc of=/mnt/disk.raw bs=4M count=2560 conv=sparse
cd /mnt
sudo tar -Sczf /mnt/compressed-image.tar.gz disk.raw

The compressed image compressed-image.tar.gz should then be uploaded to a Google Cloud Storage bucket (https://console.cloud.google.com/storage/).

6. Create an image in the cloud

After uploading compressed-image.tar.gz to a bucket, go to the images page https://console.cloud.google.com/compute/images/

Click “CREATE IMAGE” to create an image

Under “Source” select “Cloud Storage File.” Click “Browse” to select compressed-image.tar.gz just uploaded to the bucket, then click “Create”.

7. Create an instance

Select the image in the images page and click “CREATE INSTANCE.” In the firewall rule, select “Allow HTTP traffic” to test our web server.

The instances page then lists the instances. In this example there are two instances, of which only omarine-2 is running. It has an external IP address of 35.200.181.91, which is the Internet address of the virtual machine.

8. Test the web server

Open the browser and enter the external IP address of the instance, for example 35.200.181.91. The default page in Omarine will appear.

9. Secure remote login to the virtual machine running Omarine on the cloud using ssh

a. Open the firewall for the ssh client

On the local workstation, open the firewall for the ssh client as follows:

sudo sed '/TCPOUT=/s@"$@,ssh"@' -i /lib/systemd/firewall

b. Connect to the cloud virtual machine:

To connect to a virtual machine instance, use ssh and specify the username and the external IP address of the instance:

ssh [USERNAME]@[EXTERNAL_IP_ADDRESS]

Where:

  • [USERNAME] is the username on the virtual machine that you want to connect to.
  • [EXTERNAL_IP_ADDRESS] is the external IP address of the instance.

For example:

ssh tuyen@35.200.181.91

You will be asked for the user’s password to log in.

c. Remote login using SSH key without typing password:

On the local workstation, create an SSH key pair:

ssh-keygen

This will generate the private key ~/.ssh/id_rsa and the public key ~/.ssh/id_rsa.pub.

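Now copy the public key ~/.ssh/id_rsa.pub to ~/.ssh/authorized_keys on the virtual machine. Because scp writes the file under that name, this replaces any authorized_keys file that already exists there: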

scp ~/.ssh/id_rsa.pub [USERNAME]@[EXTERNAL_IP_ADDRESS]:~/.ssh/authorized_keys

For example:

scp ~/.ssh/id_rsa.pub tuyen@35.200.181.91:~/.ssh/authorized_keys

d. Disable password-based remote login:

Logging in with an SSH key is more secure than using a password. Once you are able to log in using the SSH key and want to disable password login, do the following on the virtual machine:

sudo sed '/^#\?PasswordAuthentication\syes$/c PasswordAuthentication no' \
         -i /etc/ssh/sshd_config &&
sudo sed '/^#\?ChallengeResponseAuthentication\syes$/c ChallengeResponseAuthentication no' \
         -i /etc/ssh/sshd_config &&
sudo systemctl restart ssh
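
The sed patterns above rewrite a line only when it reads exactly "PasswordAuthentication yes" or "ChallengeResponseAuthentication yes" (optionally commented out), so it is worth confirming what the file now says before relying on it. The check below is an added example, not part of the original article; the function names sshd_effective, password_login_disabled and write_sample and the sample file contents are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): report the value sshd would use
# for a keyword in the global section of an sshd_config-style file.

# usage: sshd_effective FILE KEYWORD DEFAULT
# sshd keeps the first value it reads for a keyword, keywords are
# case-insensitive, and lines after the first "Match" are conditional.
sshd_effective() {
    awk -v want="$2" -v dflt="$3" '
        BEGIN { want = tolower(want) }
        { sub(/^[ \t]+/, ""); sub(/[ \t\r]+$/, "") }   # trim the line
        /^#/ || /^$/ { next }                          # comments, blank lines
        {
            n = split($0, f, /[ \t=]+/)
            key = tolower(f[1])
            if (key == "match") exit                   # end of global section
            if (key == want && n >= 2) { val = tolower(f[2]); found = 1; exit }
        }
        END { print (found ? val : dflt) }
    ' "$1"
}

# usage: password_login_disabled FILE
# Succeeds only if both keywords changed in step 9d are effectively "no".
# The default for both is assumed to be "yes" (true for OpenSSH 7.5).
password_login_disabled() {
    for kw in PasswordAuthentication ChallengeResponseAuthentication; do
        v=$(sshd_effective "$1" "$kw" yes)
        if [ "$v" != "no" ]; then
            echo "$kw is effectively '$v' in $1" >&2
            return 1
        fi
    done
    return 0
}

# Constructed sample: the third line has two spaces before "yes", so a
# pattern that expects exactly one whitespace character would not rewrite it.
write_sample() {
    printf '%s\n' '#Port 22' 'PasswordAuthentication no' \
        'ChallengeResponseAuthentication  yes' 'UsePAM yes' > "$1"
}
```

On the virtual machine, run password_login_disabled /etc/ssh/sshd_config before restarting ssh; sudo sshd -T prints the settings the server actually uses.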

10. Transfer files between the cloud virtual machine and the local workstation using file browser

We have used the scp command to copy the ~/.ssh/id_rsa.pub file to the virtual machine. You can also use a graphical tool, a file browser, to transfer files between the cloud virtual machine and the local workstation.

In Omarine we use the Files program as a file browser. For GNOME, it’s in the Activities on the desktop. For Plasma, go to Applications > Utilities.

Open the Files program, click “Other Locations”, and in “Connect to Server” at the bottom of the window, enter:

sftp://[USERNAME]@[EXTERNAL_IP_ADDRESS]/home/[USERNAME]

Where [USERNAME] is the username on the virtual machine that you want to connect to.

For example:

sftp://tuyen@35.200.181.91/home/tuyen
