I own a server at Online.net which now runs VMware ESXi free edition. The thing is VMs have to access the Wild Wild Web and provide public services while still being protected. So let’s configure OpenBSD to do so. Continue reading “Protect the ESXi virtual machines with OpenBSD”
Now that I have an OpenBSD server hosted in the Wild and capable of doing virtualization, I’ll migrate all my VM hosted on Synology Virtual Machine Manager. But even if the OpenBSD installer is straight forward, deploying tens of VM takes some time. So I set up an automated environment that provides fast and (nearly) finger-less deployment.
I regularly check my pf(4) activity using pfctl(8) and pflogd(8). I already monitored pf using collectd(1) and rrdtool. This time, I wanted to use my already configured InfluxDB/Grafana system. The thing is, Telegraf is not (yet) available in OpenBSD 6.3. So I used a Telegraf container to remotely poll OpenBSD using the native SNMP OPENBSD-PF-MIB.