windesheim-iac

Setup ESXi Hypervisor

In Skylab request a new ESXi hypervisor with 4 cores and 16 gb of RAM.

Add a new dish with 50 gb of storage.

Note

The hypervisor does not accept SSH connections yet, or incoming connections from the VPN Network.

Connect to the remote console of the ESXi hypervisor.
1. Press F2 to login.
2. Navigate to Troubleshooting Options → Enable SSH.
3. Restart Management Agents (under "Restart Management Network").
From within a reachable VM on the VPN Network, SSH into the ESXi Hypervisor. (e.g. first SSH into 192.168.1.10, then from that session SSH into 192.168.1.5)
1. Enable incoming trafic from the VPN subnet: esxcli network ip route ipv4 add --gateway=192.168.1.1 --network=10.0.0.0/24
2. Enable this on startup:
  1. vi /etc/rc.local.d/local.sh
  2. Add just before the final exit 0 line: esxcli network ip route ipv4 add --gateway=192.168.1.1 --network=10.0.0.0/24

Now you can access the ESXi dashboard on 192.168.1.5 (or whatever the ip of the hypervisor is).

Add a new datastore:

Setup Linux Development Environment

In Skylab request a new Ubuntu Server 24.04 machine.

Enable network access:

Gain access to the terminal in the new machine (similar to step 4.0 from the ESXi setup)
Edit the /etc/netplan/99-netcfg-vmware.yaml file to contain routes and nameservers:

network:
version: 2
renderer: networkd
ethernets:
    ens192:
    dhcp4: no
    dhcp6: no
    addresses:
        - 192.168.1.6/24
    routes:
        - to: default
          via: 192.168.1.1
    nameservers:
        addresses:
        - 192.168.1.1

sudo netplan apply

SSH Access:
1. Generate 3 SSH key pairs
  1. ssh-keygen -t ed25519 -f ~/.ssh/devhost
  2. ssh-keygen -t ed25519 -f ~/.ssh/skylab
  3. ssh-keygen -t ed25519 -f ~/.ssh/azure
2. cat ~/.ssh/devhost.pub >> ~/.ssh/authorized_keys
3. chmod 400 authorized_keys
Copy the keys
1. Copy the content of devhost to a file on your local machine: scp student@192.168.1.6:/home/student/.ssh/devhost D:/School/devhost
2. Set the permissions of that file with Powershell as admin:
  1. icacls "D:\School\devhost" /inheritance:r
  2. icacls "D:\School\devhost" /grant:r "$($env:USERNAME):(R)"
3. Upload the azure public key to Azure:
Now you can access the VM via VSCode:
1. Install the Remote Explorer extension.
2. Add this to your ssh config:
```
Host iac-devhost
  Hostname 192.168.1.6
  User student
  IdentityFile D:/School/devhost
```
1. Connect to the machine in VSCode:
Install deps: sudo apt install git unzip curl sshpass
Install OVFTool
1. wget https://github.com/rgl/ovftool-binaries/raw/main/archive/VMware-ovftool-4.6.3-24031167-lin.x86_64.zip
2. unzip VMware-ovftool-4.6.3-24031167-lin.x86_64.zip
3. sudo mv ovftool vmware-ovftool
4. sudo mv vmware-ovftool /usr/bin/
5. sudo chmod +x /usr/bin/vmware-ovftool/ovftool.bin
6. sudo chmod +x /usr/bin/vmware-ovftool/ovftool
7. sed -i '$ a\PATH=$PATH:/home/student/.local/bin:/usr/bin/vmware-ovftool' ~/.bashrc
Install PIP and Ansible
1. sudo apt-get update && sudo apt-get install -y gnupg software-properties-common python3-pip pipx
2. pipx ensurepath
3. pipx install --include-deps ansible
4. pipx install ansible-lint
Install Terraform
wget -O- https://apt.releases.hashicorp.com/gpg | gpg --dearmor | sudo tee /usr/share/keyrings/hashicorp-archive-keyring.gpg
echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
sudo apt-get update && sudo apt-get install terraform
Install Azure CLI
curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash
Login with az login
Choose the 2 - HBO ICT subscription

Test Connection

Run the following command and enter the password of the root user on the ESXi Hypervisor: ansible -i '192.168.1.5,' -m ping all -u root -k

This will return a success message: