Scott Ullrich

vCloudFreeBSD ready for testing

You can download it here: http://cvs.pfsense.org/~sullrich/vCloudBSD.iso.gz

Please see previous posts for more information about vCloudFreeBSD.

Google Chrome Tip: Encrypting searches via address bar


It's quite easy to encrypt all of your Google searches that are
initiated via your address bar.

Simply follow these steps:

1. Right click Chrome's Address Bar. Select "Edit search engines..."
2. Click +
3. Enter EncryptedGoogle for the Name
4. Enter google for the Keyword
5. Set the URL to https://encrypted.google.com/search?q=%s
6. Click OK
7. Find the newly created EncryptedGoogle item and click it.  Then click the Make Default button

See attached picture as a reference for the above.

Now try searching from your Google Chrome address bar and it should
automatically encrypt!

Blocking all other DNS queries except to OpenDNS for content filtering


Here is a mini-tutorial on how to block all DNS queries except for
those to OpenDNS. This is handy if you use OpenDNS's filtering
features and want to ensure that someone with access to the machines
cannot change their DNS server to something else, such as Google's
public DNS.

1. Set the DNS servers in System -> General to the OpenDNS servers
208.67.222.222 and 208.67.220.220
2. Add a firewall rule on the LAN tab permitting UDP source:any to the
firewall's LAN IP address, port 53 (destination IP and port)
3. Move the newly created rule from step #2 to the very top of the
rules list on the LAN tab
4. Add a new rule blocking protocol TCP/UDP source:any destination:any.
5. Move the rule you created in step #4 to the second position, behind
the permit rule that you moved in step #3.
6. That's it. Enjoy the fact that the hosts behind pfSense can only
talk to the built-in DNS resolver running on LAN, which uses OpenDNS.

When you are done, you should have two rule entries that look like this picture.

Enjoy!

EDIT: a similar document to this just hit the pfSense docs site: http://doc.pfsense.org/index.php/Blocking_DNS_queries_to_external_resolvers
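
A small model of the two LAN rules above, as an added example that is not part of the original post or pfSense's own code. It assumes first-match evaluation in list order, a constructed LAN address of 192.168.1.1 and, because step 4 names no port, a block rule scoped to destination port 53 (passing `None` models the step exactly as written).

```python
from dataclasses import dataclass
from ipaddress import ip_address
from typing import Optional

LAN_IP = "192.168.1.1"  # assumed firewall LAN address (constructed)

@dataclass(frozen=True)
class Rule:
    action: str                  # "pass" or "block"
    protos: frozenset            # protocols the rule matches
    dst: Optional[str] = None    # None means destination "any"
    dport: Optional[int] = None  # None means any destination port

    def matches(self, proto, dst, dport):
        return (proto in self.protos
                and (self.dst is None or ip_address(dst) == ip_address(self.dst))
                and (self.dport is None or dport == self.dport))

def lan_rules(block_port=53):
    """Rules from steps 2-5 in their final order. block_port=53 is an
    assumption; None models step 4 as written (any destination port)."""
    return [
        Rule("pass", frozenset({"udp"}), LAN_IP, 53),
        Rule("block", frozenset({"tcp", "udp"}), None, block_port),
    ]

def evaluate(rules, proto, dst, dport, default="pass"):
    """First matching rule wins. `default` stands in for rules lower in
    the list, assumed here to be an allow-all LAN rule."""
    for rule in rules:
        if rule.matches(proto, dst, dport):
            return rule.action
    return default

# Constructed sample packets: (protocol, destination IP, destination port)
SAMPLES = [
    ("udp", LAN_IP, 53),           # client -> resolver on the firewall
    ("udp", "8.8.8.8", 53),        # client -> Google public DNS
    ("tcp", "8.8.8.8", 53),        # same, over TCP
    ("tcp", LAN_IP, 53),           # DNS over TCP to the firewall
    ("tcp", "203.0.113.10", 443),  # ordinary HTTPS
]

def verdicts(rules):
    return [evaluate(rules, *pkt) for pkt in SAMPLES]

if __name__ == "__main__":
    print("block scoped to 53:", verdicts(lan_rules()))
    print("block any port:    ", verdicts(lan_rules(None)))
    print("rules reversed:    ", verdicts(lan_rules()[::-1]))
```

The fourth sample shows that DNS over TCP to the firewall itself is also blocked, because the permit rule from step 2 covers UDP only.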

Filed under: Filtering OpenDNS pfSense

vCloudBSD auto installation checklist

Here are the things that you need to do in order to kick off an
automated vCloudBSD installation:

1. Set up a DHCP lease for the MAC address of the server's NIC
2. Set up forward and reverse DNS for the hostname
3. Add the hostname to your Puppet manifest
4. Boot vCloudBSD VM

Most of these things could be automated by adding a wrapper to your
Xen or VMware installation. I personally have not automated these
steps as of yet but it is something I am looking into for my
infrastructure. Either way vCloudBSD has taken my time to roll out a
server from 3-4 hours (and sometimes longer) to about 3-4 minutes.

Private vCloudBSD ALPHA launched. Just DM me on twitter!

The vCloudBSD private ALPHA is underway! Simply DM me on twitter
@sullrich and I will send you the ISO location.

vCloudBSD is only useful if you have puppet already deployed using
FreeBSD or simply want an ISO that will automatically configure a swap
and / partition that installs FreeBSD using pc-sysinstaller from
PCBSD.

vCloudBSD might be useful if you want to begin using Puppet + FreeBSD
as well! If there is enough of a demand I can set up a forum area to
discuss this topic or help out if you are looking for manifest advice.
I don't claim to know it all but I do have a great working setup
that does wonders for my workload.

vCloudFreeBSD

vCloudFreeBSD is coming along nicely.

Once vCloudFreeBSD has auto-installed to the first available hard disk
it reboots and Puppet takes over the installation... Taking around 5
minutes to a fully serving php5 + apache22 web server + mysql.

Alpha release and more information to come soon!

Stage Directions with a Puppet (or two)

For the last week I have been researching Data Center automation and
provisioning tools such as Chef, CFEngine3 and Puppet. I read all
kinds of good things about each of the 3 but ultimately decided to
give Puppet a whirl.

What I am embarking on is a vCloud version of FreeBSD that will assist
FreeBSD ESXi users that want to build a completely automated vCloud
infrastructure. So with that goal in mind I decided to start a new
open source project: vCloudFreeBSD

vCloudFreeBSD's ultimate goal is to be able to boot an ISO (FreeBSD of
course) and have the PCSysinstaller kick in and automatically install
to the first hard disk that is found. I will probably extend it to be
able to query a server for a kickstart configuration down the road.

After the first bootup + installation the virtual machine will reboot
and pause for 9 seconds allowing the user to cancel auto provisioning
and enter manual setup mode which will allow static configuration of
the NIC, hostname, etc.

If you allow the system to boot up in auto provisioning mode it will
use DHCP on the NIC and pull the machine's IP address and hostname.

At this point Puppet will kick in and setup the server and get it online.

I'll post more here soon about what I like about Puppet and dislike.
Stay tuned!
