Showing posts with label PhotonOS. Show all posts

Friday, November 17, 2017

Enable SSH and pings to PhotonOS

In the previous post we saw how to configure a static IP for PhotonOS.

Let's take a look at how to enable SSH and set it to start at boot.

Two simple commands:

# Start the service
systemctl start sshd

# Configure the SSH service to start automatically at boot
systemctl enable sshd

PhotonOS uses the iptables firewall, which by default blocks everything except SSH.

Let's allow pings using the following commands:

iptables -A OUTPUT -p icmp -j ACCEPT

iptables -A INPUT -p icmp -j ACCEPT

Note: This change is not persistent. 

So how do we make this persistent? Let's see.

/etc/systemd/scripts/iptables is the script that gets executed on iptables service start. So we can add our rules at the end of this script and ICMP rules will be persistent.
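One way to make that edit safely, as an added example that is not part of the original post: the function below appends the two ICMP rules from above to the script only if they are not already present, and keeps a one-time backup. The function names and the `.orig` backup suffix are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the original post): persist the two ICMP rules
# by appending them to the iptables start-up script, idempotently.
# SCRIPT is the path named in the post; pass another path to try it on a copy.
SCRIPT="${SCRIPT:-/etc/systemd/scripts/iptables}"

# Append one rule line unless an identical line is already in the file.
# grep: -q quiet, -x whole-line match, -F fixed string, -- ends options.
append_rule() {
    file="$1"; rule="$2"
    grep -qxF -- "$rule" "$file" || printf '%s\n' "$rule" >> "$file"
}

# persist_icmp_rules [FILE]  (hypothetical helper name)
persist_icmp_rules() {
    file="${1:-$SCRIPT}"
    [ -f "$file" ] || { echo "no such script: $file" >&2; return 1; }

    # Keep a single backup of the unmodified script (assumed suffix .orig).
    [ -e "$file.orig" ] || cp -p "$file" "$file.orig"

    # If the file does not end in a newline, add one so the first
    # appended rule is not glued onto the last existing line.
    if [ -s "$file" ] && [ -n "$(tail -c 1 "$file")" ]; then
        printf '\n' >> "$file"
    fi

    # The same rules as in the post. Adding "--icmp-type echo-request"
    # to the INPUT rule would limit inbound ICMP to ping requests only.
    append_rule "$file" "iptables -A OUTPUT -p icmp -j ACCEPT"
    append_rule "$file" "iptables -A INPUT -p icmp -j ACCEPT"
}
```

Source the file and call `persist_icmp_rules` as root; running it a second time leaves the script unchanged.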



Reboot and check it out yourself!

Configure Static IP on PhotonOS

To obtain the name of your Ethernet link run the following command:  networkctl




If this is the first time you are using Photon OS, you will only see the first 2 links. The others got created because I ran some docker swarms and created customer network bridges.

The network configuration file is located at:

/etc/systemd/network/



You might see the file 10-dhcp-eth0.network. I renamed this file to static.

You can do this by running the following command -

root@photon [ ~ ]# mv /etc/systemd/network/10-dhcp-eth0.network  /etc/systemd/network/10-static-eth0.network

Use vi editor to edit the file and add your static IP, Gateway, DNS, Domain and NTP.

This is what the file would look like.

root@photon [ ~ ]# cat /etc/systemd/network/10-static-eth0.network
[Match]
# Make sure to change this to your adapter. Run networkctl to check the adapter name.
Name=eth0

[Network]
Address=10.xx.xx.xx/24
Gateway=10.xx.xx.1
DNS=10.xx.xx.xx 10.xx.xx.xx
Domains=na.xx.com
NTP=time.nist.gov

Apply the changes by running:

systemctl restart systemd-networkd

Try to ping out from the OS.

Note: You will not be able to ping this VM, as by default the iptables firewall blocks everything except SSH. In my next blog I will explain how to allow ping on iptables.