Virtual Appliance
Creation OSA VAPP - Release 10

Oplon release 10 VAPP creation from scratch

Compatibility Matrix: Operating System Modules and Services

VAPPs are provided with the services necessary for the operation of the Oplon system. Nevertheless, it is possible to install other features to the base operating system pre-verified the coexistence of modules with the services provided by the Oplon suite.

Creating a Virtual Appliance from a Linux Image

In many circumstances, it is more convenient to create a Virtual Appliance directly from operating system images provided by cloud providers. This allows you to use certified and proven Virtual Appliances in the environment in which they will operate with in most cases also the APIs that serve to make the Virtual Appliance a perfectly integrated tool.

Creating a Virtual Appliance in an already installed operating system is very simple and requires very few steps to have a fully integrated VAPP Oplon.

Installation can be done both online, if the Virtual Appliance has Internet connectivity, or offline, if the Virtual Appliance does not have Internet connectivity. Installing the Virtual Appliance plans to perform some steps to prepare for the setup that will be fully guided.

The supported operating systems for the ADC system are:

  • All Linux distributions with Kernel 3 or higher based on CentOS or Debian derivatives (yum / dnf / apt packages management tools)
  1. Administrator User Creation (if not exists)

    # groupadd administrator
    # useradd -m -g administrator administrator
  2. Enabling the administrator user to run sudo

    vi /etc/sudoers
    ##Allow root to run any commands anywhere
    root ALL(ALL) ALL
    administrator ALL(ALL) ALL
  3. Creating the Support Directory

    # mkdir /share
    # chmod 777 /share
  4. Adjusting the host name (name is at discretion)

    # hostname OPLONR10
  5. Add the host name to: (the name is at your discretion)

    # vi /etc/hosts OPLONR10
  6. Add the host name to: (the name is at your discretion)

    # vi /etc/hostname
  7. Disabling Linux SE getenforce test se enforce abilitata

    # vi /etc/selinux/config
    # This file controls the state of SELinux on the system.
    # SELINUX= can take one of these three values:
    # enforcing - SELinux security policy is enforced.
    # permissive - SELinux prints warnings instead of enforcing.
    # disabled - No SELinux policy is loaded.
    # SELINUXTYPE= can take one of three two values:
    # targeted - Targeted processes are protected,
    # minimum - Modification of targeted policy. Only selected processes are protected.
    # mls - Multi Level Security protection.\
    # SELINUXTYPE=targeted
  8. Firewall Stop and disable

    # systemctl stop firewalld
    # systemctl disable firewalld
    # ufw disable
  9. Disable Link-Local Multicast Name Resolution (LLMNR) (only if it exists)

    # vi /etc/systemd/resolved.conf
  10. Restart systemd-resolved (only if /etc/systemd/resolved.conf exists)

    # service systemd-resolved restart
    # systemctl restart systemd-resolved
  11. Make sure you can't access from root through ssh

    # vi /etc/ssh/sshd_config
    #LoginGranceTime 2m
    PermitRootLogin no
    #StrictMode yes
    #MaxAuthTries 6
    #MaxSessions 10
  12. Restarting the ssh service

    # systemctl restart sshd.service
  13. Installing the required packages (dnf versioni CentOS 8, yum CentOS 7)

    # dnf -y update
    # dnf -y install yum-utils
    # dnf -y install unzip
    # dnf -y install wget
    # dnf -y install rsync
    # dnf -y install bzip2
    # dnf -y install tar
    # dnf -y install open-vm-tools


    # apt-get update
    # apt-get -y install unzip
    # apt-get -y install wget
    # apt-get -y install rsync
    # apt-get -y install bzip2
    # apt-get -y install tar
    # apt-get -y install open-vm-tools
  1. Service ntp (CentOS7) / chrony (CentOS8) CentOS 7 - ntp installation:
   # yum -y install ntp
   # vi /etc/ntp.conf

//// modificare come di seguito

interface ignore wildcard
interface listen
interface listen ::1
#restrict ::1
# systemctl restart ntpd.service

Verifica dei listeners (ss -nlptu) Disabilitazione dei listeners:

# systemctl stop ntpd.service
# systemctl disable ntpd.service

CentOS 8 - chrony installation:

# dnf -y install chrony
# systemctl stop chronyd
# systemctl disable chronyd
  1. Stop and disable postfix (if any)

    # systemctl stop postfix.service
    # systemctl disable postfix.service
  2. Network manager (if existing) edit the following file to disable the disabling functionality of the card in case of cable disconnection:

    # vi /etc/NetworkManager/NetworkManager.conf

    add or change

  3. Permanently disable the swap partition Commentare le righe di "mount" delle partizioni di swap

    # vi /etc/fstab

  1. Reboot, New10
    # reboot
  2. CHECKING ACTIVE LISTENERS For security reasons, make sure that there are no processes with active listeners on addresses exposed to the public or Only SSHD listeners must remain, which will need to be modified to accept connections only from trusted addresses (e.g. backend network, magement, etc.).
    # ss -nlptu
    # netstat -nlptu

OPLON Virtual Appliance creation from the Internet

To install the Virtual Appliance from the Internet, simply do the following:

  1. From root go to /share

    # cd /share
  2. Download intsaller from (opens in a new tab)

    # wget --no-cache --no-check-certificate -N ""
  3. Start installer from /share

    # bash
    Login: vostro_login_OPLON
    Password: vostra_password_OPLON

    ... downloads packages...

  4. If update will appear this message, if new installation will not be prompted

    Do you wish to backup TCOProject files (yes/no/y/n) ? Y
  5. Operating system update and upload packages from the Internet (ANSWER YES THE FIRST TIME WHY IT INSTALLS THE USEFUL PACKAGES TO OPLON)

    Do you wish to update Operating System (yes/no/y/n) ? y
  6. When you're done, the appliance setup screen will appear:

First login from Oplon Global Distributed Gateway

From the console you can verify the current configuration and associated DHCP address through normal Linux commands (ip addr).

The Oplon Monitor and Oplon Global Distributed Gateway system are by default set to accept connections from all networks.

Then, check with the "ip addr" command for an available address and log in from Oplon Management Console, Oplon Web Console, or Oplon Global Distributed Gateway at the specified address, e.g.:

To access Oplon Global Distributed Gateway services, type:


(where x.x.x.x is any system address if you haven't changed the address or the address you choose with oplonsetup).

(where x.x.x.x is any system address if you haven't changed the address or the address you choose with oplonsetup).

If not modified during setup the login is: root