“Ubuntu 16.04 LTS Landscape Server – part 3/6”



The starting point for our lab is now the following:

Screen Shot 2017-06-15 at 15.35.57


Once we’ve done that tasks we can pass to configure the SSL cert, from our Maas Server we’ve run the following command

$: juju switch landscapelab

then connecting via SSH on LXD container dedicated to Landscape Server

$: juju ssh ubuntu@landscape-server/0

then we will now have an SSL cert at /etc/ssl/certs/landscape_server_ca.crt which we need to copy and make a note of.

$: cat /etc/ssl/certs/landscape_server_ca.crt

Make a safe note of the contents of that file. Next, switch over to our client server:

$: juju switch serverslab

then connecting via SSH on LXD container dedicated to Landscape Client

$: juju ssh ubuntu@12

Next, create the file /etc/landscape/server.pem and then paste the content of the server SSL cert into this file.

$: sudo nano /etc/landscape/server.pem

After this, we need to add the variable ssl_public_key to our Landscape configuration file /etc/landscape/client.conf

$: sudo nano /etc/landscape/client.conf

and adding the line

ssl_public_key = /etc/landscape/server.pem

The final step is to run the configuration utility on the client machine, as suggested us on our Landscape Server dashboard:

Screen Shot 2017-06-15 at 16.50.40

run the following command on client server

$: sudo landscape-config --computer-title "webserver1" --account-name standalone -p 128-qosk-7382 --url --ping-url

We’ll be asked a few questions

The Landscape client must be started on boot to operate correctly.
Start Landscape client on boot? (Y/n): y
This script will interactively set up the Landscape client. It will
ask you a few questions about this computer and your Landscape
account, and will submit that information to the Landscape server.
After this computer is registered it will need to be approved by an
account administrator on the pending computers page.
Please see https://landscape.canonical.com for more information.
The Landscape client communicates with the server over HTTP and
HTTPS.  If your network requires you to use a proxy to access HTTP
and/or HTTPS web sites, please provide the address of these
proxies now.  If you don't use a proxy, leave these fields empty.
HTTP proxy URL: 
HTTPS proxy URL: 
Landscape has a feature which enables administrators to run
arbitrary scripts on machines under their control. By default this
feature is disabled in the client, disallowing any arbitrary script
execution. If enabled, the set of users that scripts may run as is
also configurable.
Enable script execution? [Y/n]y
By default, scripts are restricted to the 'landscape' and
'nobody' users. Please enter a comma-delimited list of users
that scripts will be restricted to. To allow scripts to be run
by any user, enter "ALL".
Script users [ALL]: 
You may provide an access group for this computer e.g. webservers.
Access group: webserver
You may provide tags for this computer e.g. server,precise.
Tags [server,xenial,web]: 
[ ok ] Restarting landscape-client (via systemctl): landscape-client.service.
Please wait...
Request a new registration for this computer now? (Y/n): n

after that on Landscape Server Dashboard we’ll have our Computer added. Now that the machine is registered as a pending computer it can be accepted into our account.

Screen Shot 2017-06-15 at 17.36.47

Screen Shot 2017-06-15 at 17.38.18

at moment also the third part is ended.

<– part 2/6 . part 4/6 ->

“cya to the next 1…. Njoy !”
bye dakj

Disclaimer: All the tutorials included on this site are performed in a lab environment to simulate a real world production scenario. As everything is done to provide the most accurate steps to date, we take no responsibility if you implement any of these steps in a production environment.

“We learn from our mistakes”