搜索到
12
篇与
的结果
-
docker安装 1.首先关闭防火墙和selinuxsetenforce 0 systemctl stop firewalld iptables -t filter -F2.安装卸载之前的dockeryum remove docker docker-common docker-selinux docker-engine -y安装docker所需安装包yum install -y yum-utils device-mapper-persistent-data lvm2安装docker yum源yum install wget -y # 官方源(国内访问不了了) wget -O /etc/yum.repos.d/docker-ce.repo https://repo.huaweicloud.com/docker-ce/linux/centos/docker-ce.repo # 可以用阿里云的(与官网的是一致的,感谢阿里云) yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo安装docker# 1、安装 yum install docker-ce -y systemctl start docker # 启动后,才会创建出目录/etc/docker # 2、修改配置 vim /etc/docker/daemon.json # 修改文件时记得去掉下面的注释 { # 1、cgroup驱动,在介绍cgroup机制时会详细介绍 "exec-opts": ["native.cgroupdriver=systemd"], # 2、由于国内特殊的网络环境,往往我们从Docker Hub中拉取镜像并不能成功,而且速度特别慢。那么我们可以给Docker配置一个国内的registry mirror,当我们需要的镜像在mirror中则直接返回,如果没有则从Docker Hub中拉取。是否使用registry mirror对Docker用户来说是透明的。 "registry-mirrors": ["https://docker.chenby.cn"], # 3、# 修改数据的存放目录到/opt/mydocker/,原/var/lib/docker/ # 3.1 老版本docker-ce指定数据目录用graph # "graph": "/opt/mydocker", # 3.2 docker20.x.x新版本不用graph,而是用data-root # "data-root": "/opt/mydocker", # 4、重启docker服务,容器全部退出的解决办法 "live-restore": true }启动并设置开机自启先创建出数据目录 [root@docker01 ~]# mkdir -p /opt/mydocker [root@docker01 ~]# systemctl restart docker.service [root@docker01 ~]# systemctl enable --now docker.service [root@docker01 ~]# docker info # 查看 -
docker常用命令 Docker镜像管理搜索镜像:docker search 获取镜像:docker pull 推送镜像:docker push 查看镜像:docker images 删除镜像:docker rmi <镜像名>:<版本号> 构建镜像:docker build -t <镜像名> 全部镜像ID:docker images ls -q 查看镜像的状态:docker container ls -a 导出镜像:docker commit <容器名> <镜像名字>:<版本号> 镜像保存到为tar文件:docker save -o myimage.tar myimage:latest 把tar文件加载为镜像:docker load -i myimage.tarDocker容器管理启动容器:docker run –name -h hostname docker container run -d --name my-nginx -p 8080:80 -v /test:/usr/share/nginx/html/ c2c45d506085 docker run -d -P nginx -d 运行在后台 -P 代表随机映射 -v 挂载 停止容器:docker stop CONTAINER ID 启动容器:docker start CONTAINER ID 重启容器:docker restart CONTAINER ID 查看容器:docker ps -a -l 进入容器:docker exec -it ID bash| docker attach | nsenter 删除容器:docker rm docker container rm -f 查看容器日志:docker logs CONTAINER ID 查看容器进程:docker top <容器ID或者名字> 查看容器或者镜像详细信息:docker inspect <容器ID或者名字> or <镜像名字>:<版本号> docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' <容器ID或者名字> #查看容器的IP下面是危险命令!杀死所有正在运行的容器:docker container rm -f `docker container ls -a -q` #删除所有容器 docker kill $(docker ps -a -q) 1a29a9cdffdf 30c74a556850删除所有容器(只有先停止才可以删除)docker rm $(docker ps -a -q) 30c74a556850 b2bef96c8330Docker 网络访问随机映射:docker run -P 指定映射: -p hostPort:containerPort -p ip:hostPort:containerPort #以上两种比较常用 -p ip::containerPort -p hostPort:containerPort:udp 提示:默认都是tcp,如果需要udp需要在后面指定Docker 查看容器映射信息[root@linux-node1 ~]# docker port mynginx 80/tcp -> 192.168.56.11:81 [root@linux-node1 ~]# docker port 65439bce352e 80/tcp -> 192.168.56.11:81当需要把一台机器上的镜像迁移到另一台机器的时候,需要保存镜像与加载镜像。机器adocker save busybox-1 > /home/save.tar 使用scp将save.tar拷到机器b上,然后: docker load < /home/save.tar
-
使用ansible快速部署一套集群 1.Roles基本概述 通过使用 roles,你可以将复杂的设置和操作流程封装在一个统一的文件夹下,进而实现代码的复用和模块化例如你要部署负载均衡、web服务器、nfs、数据库,那你可以创建四个role每个role都组织管理了好了各白需要的所有元素(包括任务、变量、handler、文件等)的目录结构。2.创建单独一个Role 一个完整的Role里包含的目录和文件可能较多,手动去创建所有这些目录和文件是一件比较烦人的事,好在可以使用ansible-galaxy init ROLE NAME命令来快速创建一个符合Role文件组织规范的框架。[root@lb workspace]# ansible-galaxy init first_role [root@lb workspace]# tree first_role/ first_role/ # 角色名称,或者叫项目名 ├── README.md ├── defaults # 默认的变量(优先级很低) │ └── main.yml ├── files # 存放文件,使用copy模块时自动获取 ├── handlers # 存放触发器的配置 │ └── main.yml ├── meta # 依赖的服务,执行该项目时先执行其他的项目 │ └── main.yml ├── tasks # 默认执行的playbook │ └── main.yml ├── templates # 存放jinja2模板,使用template模块时自动获取 ├── tests │ ├── inventory │ └── test.yml └── vars # 存放变量 └── main.yml3.一些关键介绍 Ansible Roles的依赖关系说明`roles`允许你再使用roles时自动引入其他的roles。role依赖关系存储在roles目录中meta/main.yml文件中。 例如:推送wordpress并解压,前提条件,必须要安装nginx和php,把服务跑起来,才能运行wordpress的页面,此时我们就可以在wordpress的roles中定义依赖nginx和php的roles[root@m01 roles]# vim /etc/ansible/roles/wordpress/meta/main.yml dependencies: - { role: nginx } - { role: php } 如果编写了meta目录下的main.yml文件,那么Ansible会自动先执行meta目录中main.yml文件中的dependencies文件,如上所示,就会先执行nginx和php的安装。Role中有两个地方可以定义变量:roles/xxx/defaults/main.yml:用于定义Role的默认变量roles/xxx/vars/main.yml:用于定义其它变量两个文件之间的区别在于,defaults/main.yml中定义的变量优先级低于vars/main.yml中定义的变量。事实上,defaults/main.yml中的变量优先级几乎是最低的,基本上其它任何地方定义的变量都可以覆盖它4.基于roles机制重构playbook主机IP身份m01192.168.110.110控制端web01192.168.110.97受控端db01192.168.110.163受控端nfs192.168.110.51受控端web02192.168.110.191受控端lb01192.168.110.138受控端配置主机清单[root@manager ~]# cat /etc/ansible/hosts [lb] lb01 ansible_ssh_pass='1' [nfs_server] nfs ansible_ssh_pass='1' [web_group] web01 ansible_ssh_pass='1' web02 ansible_ssh_pass='1' [db_server] db01 ansible_ssh_pass='1' [www:children] lb nfs_server web_group db_server配置hosts[root@manager ~]# cat /etc/hosts # 添加如下内容 192.168.110.138 lb01 192.168.110.51 nfs 192.168.110.91 web01 192.168.110.191 web02 192.168.110.163 db01创建项目及各个role# 1、创建项目目录,项目名就叫roles吧,好理解 mkdir /project mkdir /project/roles # 2、在roles目录下创建一系列的role cd /project/roles # 切换到工作目录下 ansible-galaxy init base # 基础优化role ansible-galaxy init nfs # 部署nfs服务的role ansible-galaxy init web # 部署web服务的role ansible-galaxy init mysql # 部署mysql服务的role ansible-galaxy init lb # 部署lb负载均衡服务的role ansible-galaxy init wordpress # 部署wordpress项目的rolebase role[root@m01 tasks]# cat /project/roles/base/tasks/main.yml # tasks file for base - name: Stop Selinux selinux: state: disabled - name: Create www Group group: name: www gid: 1666 state: present - name: Create www User user: name: www uid: 1666 group: www shell: /sbin/nologin create_home: false state: presentnfs role 准备文件[root@m01 tasks]# cat /project/roles/nfs/files/exports.txt /data 192.168.110.0/24(rw,sync,all_squash) 编写tasks[root@m01 tasks]# cat /project/roles/nfs/tasks/main.yml # tasks file for nfs - name: Install nfs-util yum: name: nfs* state: present - name: mkidr /data file: path: "/data" state: directory - name: Config nfs copy: src: "exports.txt" dest: /etc/exports - name: Start nfs-server systemd: name: nfs-server state: restarted enabled: trueweb role 部署两台web上的Nginx+php环境,并且挂载好nfs共享存储 (1)准备好包和配置文件 nginx的安装源文件 cd /project/roles/web/filescat > nginx.repo << "EOF" [nginx-stable] name=nginx stable repo baseurl=http://nginx.org/packages/centos/$releasever/$basearch/ gpgcheck=1 enabled=1 gpgkey=https://nginx.org/keys/nginx_signing.key module_hotfixes=true [nginx-mainline] name=nginx mainline repo baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/ gpgcheck=1 enabled=0 gpgkey=https://nginx.org/keys/nginx_signing.key module_hotfixes=true EOFnginx转发php-fpm的配置cat > myweb.conf << "EOF" server { listen 8181; server_name localhost; location / { root /usr/share/nginx/html; index index.php index.html; } location ~ \.php$ { fastcgi_pass 127.0.0.1:9000; fastcgi_param SCRIPT_FILENAME /usr/share/nginx/html$fastcgi_script_name; fastcgi_param HTTPS on; include fastcgi_params; } } EOF准备好php-fpm的配置文件cat > www.conf << "EOF" [www] user = www group = www listen = 127.0.0.1:9000 listen.allowed_clients = 127.0.0.1 pm = dynamic pm.max_children = 50 pm.start_servers = 5 pm.min_spare_servers = 5 pm.max_spare_servers = 35 slowlog = /var/opt/remi/php74/log/php-fpm/www-slow.log php_admin_value[error_log] = /var/opt/remi/php74/log/php-fpm/www-error.log php_admin_flag[log_errors] = on php_value[soap.wsdl_cache_dir] = /var/opt/remi/php74/lib/php/wsdlcache EOF(2)编写部署php-fpm+nginx的剧本 vi /project/roles/web/tasks/mian.yml# 1、安装php - name: Gather OS version command: cat /etc/redhat-release register: os_version - name: Extract major version from OS version set_fact: os_major_version: "{{ os_version.stdout.split()[3] | regex_replace('\\..*$', '') }}" - name: Extract minor version from OS version set_fact: os_minor_version: "{{ os_version.stdout.split()[3] | regex_replace('^[^.]*\\.', '') }}" - name: Install rpm package for CentOS 7.9 yum: name: http://rpms.remirepo.net/enterprise/remi-release-7.rpm state: latest when: os_major_version == '7' and os_minor_version == '9.2009' - name: Install rpm package for CentOS 9.3 yum: name: http://rpms.remirepo.net/enterprise/remi-release-9.3.rpm state: latest when: os_major_version == '9' and os_minor_version == '3' - name: Install php-fpm yum: name: - 'php74-php-pdo' - 'php74-php-mbstring' - 'php74-php-cli' - 'php74-php-fpm' - 'php74-php-mysqlnd' state: latest - name: Config php-fpm copy: src: www.conf dest: /etc/opt/remi/php74/php-fpm.d/www.conf notify: restart_php - name: Start php-fpm systemd: name: php74-php-fpm state: restarted enabled: true #2、安装nginx,配置nginx代理php-fpm - name: copy nginx.repo copy: src: nginx.repo dest: /etc/yum.repos.d/nginx.repo - name: Install nginx yum: name: nginx state: latest - name: Config nginx copy: src: myweb.conf dest: /etc/nginx/conf.d/myweb.conf notify: restart_nginx - name: Start nginx server systemd: name: nginx state: restarted enabled: true #3、配置所有web服务挂载nfs - name: 安装nfs yum: name: nfs-utils state: latest - name: 挂载 mount: path: /usr/share/nginx/html src: "{{ nfs_share_dir }}" fstype: nfs opts: defaults state: mounted配置触发器handler[root@m01 base]# cat /project/roles/web/handlers/main.yml # handlers file for web - name: restart_php systemd: name: php74-php-fpm state: restarted - name: restart_nginx systemd: name: nginx state: restarted 创建变量[root@m01 roles]# cat web/vars/main.yml nfs_share_dir: "192.168.110.51:/data"mysql role安装mysql_db模块ansible-galaxy collection install community.mysql编写剧本[root@m01 base]# cat /project/roles/web/handlers/main.yml # handlers file for web - name: restart_php systemd: name: php74-php-fpm state: restarted - name: restart_nginx systemd: name: nginx state: restarted [root@m01 base]# cat /project/roles/mysql/tasks/main.yml # tasks file for mysql - name: Download PyMySQL tar.gz get_url: url: https://files.pythonhosted.org/packages/44/39/6bcb83cae0095a31b6be4511707fdf2009d3e29903a55a0494d3a9a2fac0/PyMySQL-0.8.1.tar.gz dest: /tmp/PyMySQL-0.8.1.tar.gz - name: Extract PyMySQL tar.gz unarchive: src: /tmp/PyMySQL-0.8.1.tar.gz dest: /tmp/ remote_src: yes - name: Install PyMySQL command: cmd: "python setup.py install" chdir: "/tmp/PyMySQL-0.8.1" - name: clear mysql shell: "yum remove mysql* -y" ignore_errors: True - name: Install mariadb yum: name: mariadb* state: latest - name: init maridb shell: "rm -rf /var/lib/mysql/*" - name: Start mariadb systemd: name: mariadb state: restarted enabled: true - name: create database mysql_db: # root登录localhost不允许,需要用套接字登录 login_unix_socket: /var/lib/mysql/mysql.sock # 引用变量名必须加引号,否则报错 name: "{{ my_db.name }}" state: present encoding: "{{ my_db.encoding }}" - name: grant all on *.* to 'bob'@'192.168.110.%' identified by '12345'; mysql_user: login_unix_socket: /var/lib/mysql/mysql.sock # 引用变量名必须加引号,否则报错 name: "{{ my_user.name }}" host: "{{ my_user.host }}" password: "{{ my_user.password }}" priv: "{{ my_user.priv }}" state: present创建变量文件[root@m01 base]# cat /project/roles/mysql/vars/main.yml # vars file for mysql my_db: name: wordpress encoding: utf8mb4 my_user: name: bob host: 192.168.110.% password: 12345 priv: '*.*:ALL' lb role 准备nginx.repo cd /project/roles/lb/filescat > lb/files/nginx.repo << "EOF" [nginx-stable] name=nginx stable repo baseurl=http://nginx.org/packages/centos/$releasever/$basearch/ gpgcheck=1 enabled=1 gpgkey=https://nginx.org/keys/nginx_signing.key module_hotfixes=true [nginx-mainline] name=nginx mainline repo baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/ gpgcheck=1 enabled=0 gpgkey=https://nginx.org/keys/nginx_signing.key module_hotfixes=true EOF准备证书openssl genrsa -out server.key 2048 openssl req -new -x509 -days 3650 -key server.key -out server.crt -subj "/C=CH/ST=mykey/L=mykey/O=mykey/OU=mykey/CN=domain1/CN=www.egon.com/CN=domain3"放置证书到lb/files目录下[root@m01 roles]# mv server.* /project/roles/lb/files/准备配置文件[root@m01 base]# cat /project/roles/lb/files/nginx.conf user nginx; worker_processes auto; error_log /var/log/nginx/error.log; pid /run/nginx.pid; include /usr/share/nginx/modules/*.conf; events { worker_connections 1024; } http { upstream webserver { server 192.168.110.97:8181; server 192.168.110.191:8181; } server { listen 443 ssl; server_name www.egon.com 192.168.110.138; ssl_certificate /etc/nginx/ssl_key/server.crt; ssl_certificate_key /etc/nginx/ssl_key/server.key; location / { proxy_pass http://webserver; # 把真实的访问者ip发给后端web,后端web会据此来拼接静态文件的url地址以便让访问者浏览器发起二次请求 # 如果没有下面的这段内容,后端web会将静态资源的url地址拼成http://webserver/static/img/1.jpg的形式,导致访问者浏览器二次访问失败 proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_next_upstream error timeout http_500 http_502 http_503 http_504 http_403 http_404; } } server { listen 80; server_name 192.168.110.138 www.egon.com; rewrite (.*) https://$server_name$1; } } 编写剧本[root@m01 base]# cat /project/roles/lb/tasks/main.yml # tasks file for lb - name: clear nginx shell: > yum remove nginx* -y ; rm -rf /etc/nginx /usr/share/nginx - name: copy nginx.repo copy: src: nginx.repo dest: /etc/yum.repos.d/nginx.repo - name: Install nginx yum: name: nginx state: latest - name: Create dir file: path: /etc/nginx/ssl_key state: directory - name: copy multiple files copy: src: "{{ item.src }}" dest: "{{ item.dest }}" with_items: - { src: 'nginx.conf', dest: '/etc/nginx/nginx.conf'} - { src: 'server.crt', dest: '/etc/nginx/ssl_key/server.crt'} - { src: 'server.key', dest: '/etc/nginx/ssl_key/server.key'} notify: restart_nginx - name: Start nginx server systemd: name: nginx state: restarted enabled: true 配置触发器[root@m01 base]# cat /project/roles/lb/handlers/main.yml # handlers file for lb - name: restart_nginx systemd: name: nginx state: restartedwordpress role 安装包cd /project/roles/wordpress/files wget https://wordpress.org/latest.zip准备好配置文件(配置上数据库相关信息)[root@m01 base]# cat /project/roles/wordpress/files/wp-config.php <?php define( 'DB_NAME', 'wordpress' ); define( 'DB_USER', 'bob' ); define( 'DB_PASSWORD', '12345' ); define( 'DB_HOST', '192.168.110.138' ); define( 'DB_CHARSET', 'utf8mb4' ); define( 'DB_COLLATE', '' ); define( 'AUTH_KEY', 'put your unique phrase here' ); define( 'SECURE_AUTH_KEY', 'put your unique phrase here' ); define( 'LOGGED_IN_KEY', 'put your unique phrase here' ); define( 'NONCE_KEY', 'put your unique phrase here' ); define( 'AUTH_SALT', 'put your unique phrase here' ); define( 'SECURE_AUTH_SALT', 'put your unique phrase here' ); define( 'LOGGED_IN_SALT', 'put your unique phrase here' ); define( 'NONCE_SALT', 'put your unique phrase here' ); $table_prefix = 'wp_'; define( 'WP_DEBUG', false ); if ( ! defined( 'ABSPATH' ) ) { define( 'ABSPATH', __DIR__ . '/' ); } require_once ABSPATH . 'wp-settings.php'; EOF 编写剧本(解压到nfs共享目录里就发布给了所有的web服务)[root@m01 base]# cat /project/roles/lb/handlers/main.yml # handlers file for lb - name: restart_nginx systemd: name: nginx state: restarted [root@m01 base]# cat /project/roles/wordpress/tasks/main.yml --- # tasks file for wordpress - name: mkdir /data copy: src: "latest.zip" dest: "/data" - name: install unzip yum: name: unzip state: present - name: 发布 shell: unzip /data/latest.zip -d /data - name: 传送配置 copy: src: "wp-config.php" dest: "/data/wordpress/wp-config.php"整合为一个playbook编写一个playbook剧本,剧本里面一如各个子role,运行的时候运行这一个playbook即可[root@m01 base]# cat /project/roles/run.yml - name: 优化部分 hosts: all roles: - base - name: 安装nfs hosts: nfs_server roles: - nfs - name: 安装web hosts: web_group roles: # 其实你可以将安装web进一步细分为nginx role与php role,留给你作业了 - web - name: 安装数据库 hosts: db_server roles: - mysql - name: 配置负载均衡和高可用 hosts: lb_server roles: - lb #- keepalived # 高可用role留给你来实现 - name: 发布wordpress项目 hosts: nfs_server roles: - wordpress补充:各个子role里的hosts其实不用指定,run.yml已经指定了ansible-playbook /project/roles/run.yml访问负载均衡:https://192.168.110.138/wordpress/
-
配置一台YUM源服务器 先下载好镜像下面这个是阿里的镜像站,可以自己选择版本https://mirrors.aliyun.com/centos/7.9.2009/isos/x86_64/?spm=a2c6h.25603864.0.0.18a9f5adJSpgfw1.测试环境准备两台CentOS7.9操作系统的服务器或虚拟机,host01作为服务端,host02作为客户端,要确保客户端必须可以访问到服务端; 准备好CentOS7.9的ISO文件:CentOS-7-x86_64-DVD-2009.iso 关闭防火墙和SELinux,开启防火墙的情况下需要开放80端口,因为下面我使用web软件对外提供服务。2.测试场景测试过程中分为以下两种情况: (1)仅将ISO文件中的安装包上传到服务器中; (2)需要自定义软件包,比如将ISO文件中的安装包和自己下载的软件包一起放在YUM源服务器中; 两种情况也可以理解成一种,实际上它们都是rpm包。3.前提条件需要在服务端安装web服务,这里使用Apache,也可以使用Nginx;安装Apache:yum install httpd -y如果服务端不能访问外面,需要先配置本地YUM源,本地YUM源的方法见本文末尾。启动服务:systemctl start httpd当然服务端不强制使用web服务,也可以使用ftp服务。4.仅使用ISO文件中的安装包这个需求是最简单的,因为ISO文件中自带软件包索引文件,不需要额外创建。4.1挂载ISO文件挂载ISO文件后,可以看到以下目录及文件:重点是Packages和repodata两个目录,KEY文件可以不使用。基本Packages包含所有软件包,repodata包含软件包的索引文件。4.2拷贝ISO中的软件包到服务端创建目录:mkdir /var/www/html/CentOS7.9拷贝文件:cp -a /mnt/Packages /var/www/html/CentOS7.9 cp -a /mnt/repodata /var/www/html/CentOS7.9http://192.168.110.51/CentOS7.9/4.3配置客户端测试[root@localhost yum.repos.d]# cat /etc/yum.repos.d/local.repo [Local_YUM] name=Local_YUM baseurl=http://192.168.110.51/CentOS7.9 enable=1 gpgcheck=0 [root@localhost yum.repos.d]# yum makecache 已加载插件:fastestmirrorLoading mirror speeds from cached hostfileLocal_YUM | 3.6 kB 00:00:00 Local_YUM/group_gz FAILED http://192.168.110.51/CentOS7.9/repodata/a4e2b46586aa556c3b6f814dad5b16db5a669984d66b68e873586cd7c7253301-c7-x86_64-comps.xml.gz: [Errno 14] HTTP Error 404 - Not Found 正在尝试其它镜像。To address this issue please refer to the below wiki article https://wiki.centos.org/yum-errorsIf above article doesn't help to resolve this issue please use https://bugs.centos.org/.Local_YUM/primary_db FAILED http://192.168.110.51/CentOS7.9/repodata/0e82d111931e402316702696ae4178e65673dc0f9c23a2bb012d192cb2625ea1-primary.sqlite.bz2: [Errno 14] HTTP Error 404 - Not Found 正在尝试其它镜像。Local_YUM/filelists_db FAILED http://192.168.110.51/CentOS7.9/repodata/60aa4673bf5fa63d1a7a640ef407b8e48fe5b3337720d844a29a53fec130d6da-filelists.sqlite.bz2: [Errno 14] HTTP Error 404 - Not Found 正在尝试其它镜像。Local_YUM/other_db FAILED http://192.168.110.51/CentOS7.9/repodata/9d6292fa12fd9ca472fafa8c0b348c3e1f139681aa066d41dc53b3563bcd1f53-other.sqlite.bz2: [Errno 14] HTTP Error 404 - Not Found 正在尝试其它镜像。Local_YUM/primary_db FAILED http://192.168.110.51/CentOS7.9/repodata/0e82d111931e402316702696ae4178e65673dc0f9c23a2bb012d192cb2625ea1-primary.sqlite.bz2: [Errno 14] HTTP Error 404 - Not Found 正在尝试其它镜像。Local_YUM/other_db FAILED http://192.168.110.51/CentOS7.9/repodata/9d6292fa12fd9ca472fafa8c0b348c3e1f139681aa066d41dc53b3563bcd1f53-other.sqlite.bz2: [Errno 14] HTTP Error 404 - Not Found 正在尝试其它镜像。Local_YUM/filelists_db FAILED http://192.168.110.51/CentOS7.9/repodata/60aa4673bf5fa63d1a7a640ef407b8e48fe5b3337720d844a29a53fec130d6da-filelists.sqlite.bz2: [Errno 14] HTTP Error 404 - Not Found 正在尝试其它镜像。http://192.168.110.51/CentOS7.9/repodata/0e82d111931e402316702696ae4178e65673dc0f9c23a2bb012d192cb2625ea1-primary.sqlite.bz2: [Errno 14] HTTP Error 404 - Not Found 正在尝试其它镜像。 One of the configured repositories failed (Local_YUM), and yum doesn't have enough cached data to continue. At this point the only safe thing yum can do is fail. There are a few ways to work "fix" this: 1. Contact the upstream for the repository and get them to fix the problem. 2. Reconfigure the baseurl/etc. for the repository, to point to a working upstream. This is most often useful if you are using a newer distribution release than is supported by the repository (and the packages for the previous distribution release still work). 3. Run the command with the repository temporarily disabled yum --disablerepo=Local_YUM ... 4. Disable the repository permanently, so yum won't use it by default. Yum will then just ignore the repository until you permanently enable it again or use --enablerepo for temporary usage: yum-config-manager --disable Local_YUM or subscription-manager repos --disable=Local_YUM 5. Configure the failing repository to be skipped, if it is unavailable. Note that yum will try to contact the repo. when it runs most commands, so will have to try and fail each time (and thus. yum will be be much slower). If it is a very temporary problem though, this is often a nice compromise: yum-config-manager --save --setopt=Local_YUM.skip_if_unavailable=truefailure: repodata/0e82d111931e402316702696ae4178e65673dc0f9c23a2bb012d192cb2625ea1-primary.sqlite.bz2 from Local_YUM: [Errno 256] No more mirrors to try.http://192.168.110.51/CentOS7.9/repodata/0e82d111931e402316702696ae4178e65673dc0f9c23a2bb012d192cb2625ea1-primary.sqlite.bz2: [Errno 14] HTTP Error 404 - Not Found如果报错的话repodata的元数据有问题,这问题是没有后缀手动生成了后缀。mv a4e2b46586aa556c3b6f814dad5b16db5a669984d66b68e873586cd7c7253301 a4e2b46586aa556c3b6f814dad5b16db5a669984d66b68e873586cd7c7253301-c7-x86_64-comps.xml.gz mv 0e82d111931e402316702696ae4178e65673dc0f9c23a2bb012d192cb2625ea1 0e82d111931e402316702696ae4178e65673dc0f9c23a2bb012d192cb2625ea1-primary.sqlite.bz2 mv 60aa4673bf5fa63d1a7a640ef407b8e48fe5b3337720d844a29a53fec130d6da 60aa4673bf5fa63d1a7a640ef407b8e48fe5b3337720d844a29a53fec130d6da-filelists.sqlite.bz2 mv 9d6292fa12fd9ca472fafa8c0b348c3e1f139681aa066d41dc53b3563bcd1f53 9d6292fa12fd9ca472fafa8c0b348c3e1f139681aa066d41dc53b3563bcd1f53-other.sqlite.bz2另一种方式是使用createrepo重新生成元数据:createrepo /path/to/your/local/repo4.3.1 配置YUM文件将原有的配置文件删除,新建一个:rm -rf /etc/yum.repos.d/* touch /etc/yum.repos.d/local.repo #注意文件名必须以repo结尾vi /etc/yum.repos.d/local.repo [Local_YUM] name=Local_YUM baseurl=http://192.168.110.51/CentOS7.9 enable=1 gpgcheck=04.3.2 更新YUM缓存yum clean all yum makecache4.3.3 安装软件包安装一个系统中未安装的软件包,这里以wget软件为例:rpm -qa | grep wget #查看wget软件包是否安装 yum install wget -y #安装wget5.添加自定义安装包到YUM服务器中5.1准备软件包比如需要安装数据库:MariaDB-server-10.11.7,此时YUM服务器是不存在这些软件包的,先把软件包上传到服务器中,如:MariaDB-server目录中包含了MariaDB-server-10.11.7和MariaDB-client-10.11.7所需要的依赖包,但只有rpm包还不能使用,需要为它们创建索引文件。5.2创建索引创建索引需要使用createrepo命令,默认情况下未安装该命令,安装createrepo:yum install createrepo -y比如说安装MariaDB先去官网将其复制并粘贴到 /etc/yum.repos.d 下的文件中(建议将文件命名为 MariaDB.repo 或类似名称)。 # MariaDB 11.4 CentOS repository list - created 2024-07-15 08:20 UTC # https://mariadb.org/download/ [mariadb] name = MariaDB # rpm.mariadb.org is a dynamic mirror if your preferred mirror goes offline. See https://mariadb.org/mirrorbits/ for details. # baseurl = https://rpm.mariadb.org/11.4/centos/$releasever/$basearch baseurl = https://mirror.rackspace.com/mariadb/yum/11.4/centos/$releasever/$basearch module_hotfixes = 1 # gpgkey = https://rpm.mariadb.org/RPM-GPG-KEY-MariaDB gpgkey = https://mirror.rackspace.com/mariadb/yum/RPM-GPG-KEY-MariaDB gpgcheck = 1sudo yum --downloadonly --downloaddir=/root/abc install MariaDB-server MariaDB-client 可以把安装包和依赖包缓存起来并且指定路径创建索引信息:createrepo -v /var/www/html/MariaDB-server因为之前配置ISO文件中的软件包不包含MariaDB 10.11.7版本,所以还无法安装成功。5.3.1配置YUM文件touch /etc/yum.repos.d/mariadb.repo vi /etc/yum.repos.d/mariadb.repo [Mariadb_YUM] name=Mariadb_YUM baseurl=http://192.168.110.51/MariaDB-server enable=1 gpgcheck=05.3.2更新YUM缓存yum install MariaDB-server-11.4.2 MariaDB-client-11.4.2已经可以安装成功了。6.总结至此,我们已经拥有一台在内网可以使用的YUM服务器了;以上也可以将所有rpm软件包放在同一个目录中,使用createrepo命令创建索引,以上为了区分配置了两个目录;重点操作:在客户端配置YUM文件中的baseurl时,路径为repodata目录所在的目录,比如repodata目录在MariaDB-server中,则写成:baseurl=http://192.168.110.51/MariaDB-server附录:(1)挂载ISO文件如果使用的是VMWare虚拟机管理工具,把iso文件挂载到光驱中,然后挂载,比如将镜像到mnt目录下:mount /dev/cdrom /mnt如果是其他方式,可以将iso文件上传到操作系统中,其后挂载:mount -o loop CentOS-7-x86_64-DVD-1810.iso /mnt(2)移除/备份系统当前YUM文件备份当前系统中的YUM源配置文件:mkdir /etc/yum.repos.d/bak && mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/bak(3)创建并配置YUM文件vim /etc/yum.repos.d/localyum.repo增加内容如下:[CentOS7.6] name=CentOS7.6 Local YUMbaseurl=file:///mnt gpgcheck=0 enabled=1参数说明: 参数说明: [CentOS7.6] #名称,需自定义,确保在YUM配置文件中唯一 name=CentOS7.6 Local YUM #描述信息 baseurl=file:///mnt #设置 yum 源目录为mnt,根据挂载的目录而定 gpgcheck=0 #检查GPG-KEY,0为不检查,1为检查 enabled=1 #是否用该yum源,0为禁用,1为使用更新软件包索引:yum clean all yum makecache
-
rockylinux 9.3详细安装drbd+keepalived drbd参考上一篇博客先明确主服务器的keepalivde的配置drbd关闭时执行的脚本 keepalivde关闭时执行的脚本 故障恢复主服务器自动抢回vip的脚本 脚本记得给执行权限从服务器的keepalivde的配置主服务器失效后,从服务器自动挂载,并且成为主服务器,vip也会跟随过来。 原主服务器正常后,主服务器自动降为从服务器,并且取消挂载,vip也会自动转移走。两台主机操作drbdadm status #确定drbd正常工作 dnf install -y keepalivedalpha节点操作/etc/keepalived/keepalived.conf! Configuration File for keepalived global_defs { notification_email { root@localhost } notification_email_from keepalived@localhost smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id DRBD_HA_MASTER } vrrp_script chk_drbd { script "/etc/keepalived/check_drbd.sh" interval 5 } vrrp_instance VI_1 { state MASTER interface ens160 virtual_router_id 51 priority 150 advert_int 1 authentication { auth_type PASS auth_pass 1111 } track_script { chk_drbd } notify_stop /etc/keepalived/notify_stop.sh ### keepalived服务关闭执行的脚本 notify_master /etc/keepalived/notify_master.sh ### 重新拿回 master 的脚本 virtual_ipaddress { 192.168.110.88 ### vip 请选择一个没有在占用的IP地址 } }通过上面的配置文件,这里需要编写三个脚本,如下:/etc/keepalived/check_drbd.sh#!/bin/bash # Author:hukey systemctl is-active --quiet drbd if [ $? -ne 0 ]; then systemctl start drbd if [ $? -ne 0 ]; then umount /mnt drbdadm secondary drbd0 systemctl stop keepalived fi fi/etc/keepalived/notify_stop.sh#!/bin/bash # Author:hukey time=`date "+%F %H:%M:%S"` echo -e "$time ------notify_stop------\n" >> /etc/keepalived/logs/notify_stop.log umount /mnt drbdadm secondary drbd0 /usr/sbin/fuser -k /mnt &>> /etc/keepalived/logs/notify_stop.log /bin/umount /mnt &>> /etc/keepalived/logs/notify_stop.log echo -e "\n" >> /etc/keepalived/logs/notify_stop.log/etc/keepalived/notify_master.sh#!/bin/bash # Author:hukey time=`date "+%F %H:%M:%S"` echo -e "$time ------notify_master------\n" >> /etc/keepalived/logs/notify_master.log systemctl start drbd &>> /etc/keepalived/logs/notify_master.log for (( i=1; i <=3; i++)) do drbdadm status | egrep -q 'Primary' if [ $? -ne 0 ]; then mount /mnt drbdadm primary drbd0 /bin/mount /dev/drbd0 /mnt &>> /etc/keepalived/logs/notify_master.log break else sleep 3 fi done echo -e "\n" >> /etc/keepalived/logs/notify_master.脚本所需目录和命令yum install -y psmisc mkdir -pv /etc/keepalived/logs------------------------alpha节点操作完毕------------------------bravo节点操作/etc/keepalived/keepalived.conf! Configuration File for keepalived global_defs { notification_email { root@localhost } notification_email_from keepalived@localhost smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id DRBD_HA_BACKUP } vrrp_instance VI_1 { state BACKUP interface ens160 virtual_router_id 51 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 1111 } notify_master /etc/keepalived/notify_master.sh notify_backup /etc/keepalived/notify_backup.sh virtual_ipaddress { 192.168.110.88 } }/etc/keepalived/notify_master.sh#!/bin/bash # Author:hukey time=`date "+%F %H:%M:%S"` echo -e "$time ------notify_master------\n" >> /etc/keepalived/logs/notify_master.log systemctl start drbd &>> /etc/keepalived/logs/notify_master.log for (( i=1; i <=3; i++)) do drbdadm status | egrep -q 'Primary' if [ $? -ne 0 ]; then drbdadm primary drbd0 mount /dev/drbd0 /mnt /bin/mount /dev/drbd0 /mnt &>> /etc/keepalived/logs/notify_master.log break else sleep 3 fi done echo -e "\n" >> /etc/keepalived/logs/notify_master.log/etc/keepalived/notify_backup.sh#!/bin/bash # Author:hukey time=`date "+%F %H:%M:%S"` echo -e "$time ------notify_backup------\n" &>> /etc/keepalived/logs/notify_backup.log umount /mnt drbdadm secondary drbd0 /usr/sbin/fuser -k /data &>> /etc/keepalived/logs/notify_backup.log /bin/umount /dev/drbd0 &>> /etc/keepalived/logs/notify_backup.log echo $time echo -e "\n" &>> /etc/keepalived/logs/notify_backup.log启动服务 两台主机操作#开机自启 systemctl enable drbd keepalived systemctl restart drbd keepalived启动后查看 alpha 节点 VIP 和 目录是否挂载:注意: 如果发现 vip 或者 drbd 没有挂载,检查一下配置文件是否有问题。测试1.关闭 alpha 节点 keepalived 服务systemctl stop keepalived2.查看 bravo 节点是否升级为主节点3.alpha开启节点 keepalived 服务 bravo 节点关闭keepalived 服务如果vip会自动漂移和会自动挂载就说明成功了还有一个可以测试的,主服务器systemctl stop drbd,五秒后使用systemctl status drbd查看,如果已经启动说明脚本基本没问题。最后drbd+keepalived就完成了,还可以加上nfs。nfs比较简单就不写了。。。
